On 8/17/05, Premsun Choltanwanich <[EMAIL PROTECTED]> wrote:
Dear All,
I need to distribute my application that use PostgreSQL as database to
my customer. But I still have some questions in my mind on database
security. I understand that everybody who get my application database will
be have a full control permission on my database in case that PostgreSQL
already installed on their computer and they are an administrator on
PostgreSQL. So that mean data, structure and any ideas contain in database
will does not secure on this point. Is my understanding correct?
What is the good way to make it all secure? Please advise.
If it is "your" database, then I would not give them the database,
but merely offer the information in the database as a "service." This,
of course, can be implemented through the internet. That way, the rules
that govern which customers can access and see which pieces of data can
be implemented in the application itself so you wouldn't have give them
all the data and structure the customer doesn't need to see if the rules
governing how they access the database from the application are built
into the application itself, with possibly authentication credentials
stored in the database and the athentication mechanism implemented in
the application.
The only other way I can imagine where you can get beyond, atleast
not showing the data they don't need to see, is querying the database
to filter out the data 'belonging' to the customer, and export that
filtered data to isolated tables comprising a new database that could
then be given to the customer, watered down to what's relevant to them.
If it's "your" database then, hey, don't give it to them. If it's
really "their" database then you wouldn't really have a problem with
giving them their data... But it's apparently not really "their"
database so keep it to yourself and offer access to the data as a service.
Ferindo
--
Ferindo Middleton
Chief Architect
Sleekcollar.com
---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match
