I wanted to bounce a few related ideas off people.
Foreign Data Wrappers
One of the biggest vulnerabilities of the current system is the need for
the client to know the PGP key. There's a better alternative for many (not
all) use cases - loading the PGP key from a file located on the server or
se
I was working on a crypto extension many, many years ago but...life. And I
found the book "Encryption in the Database" which made me rethink many
things. (It describes the approach used by Oracle.)
But between openssl 3 and some other tasks I've been revisiting some of
these ideas and focused on t
Could you add your own UPDATE trigger to the password table? It can write
an entry to a new table, e.g., (userid, current date) whenever a record in
that table is modified.
On an earlier question - the issue isn't whether someone can crack your
password, it's possible disclosure in archive media s
Some regulatory standards require all UII, even all PII, information be
encrypted within the database, not just on encrypted media. That's to
reduce exposure even if someone gets access to a live server, e.g., via SQL
Injection. (The perennial #1 risk for software vulnerabilities.)
UII is uniquely
There are alternatives. If you know what you want to find, e.g., a search
by username or email address, you can store a strong hash of the value as
an indexed column. By "strong hash" I mean don't just use md5 or sha1, or
even one round with a salt. I can give you more details about how and why
off
If you want to know how PostgreSQL compares to other databases, or are
looking for ideas on areas to improve, the jOOQ blog looks like a good
resource: https://blog.jooq.org/. jOOQ is a java library that provides a
database-agnostic way to access many different types of databases. I know
it does s
On Mon, Feb 26, 2018 at 11:29 AM, Tom Lane wrote:
> Chapman Flack writes:
> > The 0002-*.patch is a proof-of-concept patching float4_numeric and
> > float8_numeric in the trivial way (just using FLT_DECIMAL_DIG and
> > DBL_DECIMAL_DIG in place of FLT_DIG and DBL_DIG). It makes the new
> > regres
On Tue, Feb 13, 2018 at 10:24 AM, Vladimir Sitnikov <
sitnikov.vladi...@gmail.com> wrote:
> Technically speaking, Thrift is "language-independent"
> serialization-deserialization format with clean approach to backward
> compatibility.
>
> I think Thrift (or something like that) can be useful, as i
Isn't thrift the communications protocol?
Do we have foreign server support for parquet and ORC files?
On Tue, Feb 13, 2018 at 8:40 AM, Udit Juneja wrote:
> Hi,
>
> I am Udit Juneja, a Computer Science undergraduate student at Thapar
> Institute of Engineering and Technology, India. I am intere
You don't need to store 25:20 in the database though - your app can use a
window that treats a day as "from 5 am today until 5 am tomorrow" and adds
24:00 to the times for tomorrow.
Bear
On Sat, Dec 30, 2017 at 2:25 PM, Gavin Flower wrote:
> On 12/31/2017 03:07 AM, Dave Cramer wrote:
>
>> We
10 matches
Mail list logo
