Mattermost Peer-to-Peer Forum

How to encrypt postgrersql


#1

Hello guys,

Currently our database as I’ve read in internet stores the direct messages somewhere locally with a plain text.

First question is : Where is that plain text stored?

Second is: How to encrypt this text so mattermost can still use the DB? Mind that we want to encrypt it from people who have access to the machine as root. So absolutely nobody can read it but mattermost


#2

Hi @alfador!

Here is more information on encryption:


#3

Hello, @alfador.

On top of the documentations shared by @amy.blais, allow me to understand the questions that you have better:

  • Question #1: Can you share the article / documentation that you came across that mentions that the direct messages is stored as plain text? Just to make sure that we are getting the right picture of what is the current behavior of message storage in Mattermost and what you are trying to achieve.
  • Question #2: Would you mind explaining the purpose of encrypting the text even from the root users? The Encryption Options for PostgreSQL provides explanation on what is offered though it does not explicitly mention the steps to perform them.

If we can gather more information on these topics from your end, that will be great. Thanks!


#4

Hi, @alfador.

Quick update here. The plain text should be stored in the Posts table. For example:

mysql> SELECT Message from Posts;
±------------------------------------------------------------------------------------------------------+
| Message |
±------------------------------------------------------------------------------------------------------+
| adanial joined the team. |
| adanial joined the channel. |
| adanial joined the team. |
| adanial joined the channel. |
| adanial joined the team. |
| adanial joined the channel. |
| adanial joined the channel. |
| adanial joined the channel. |
| :smile: |
±------------------------------------------------------------------------------------------------------+
9 rows in set (0.00 sec)