Re: [GENERAL] Local authentication/security

2007-08-27 Thread Lange Marcus
> > Lange Marcus wrote: > >> Not that it matters in your case. The password might as well be > >> "password" - if they get access to the files/application, > it's game > >> over. > > > > What about having some of the columns encrypted in the database ? > > Will that improve things abit ? > >

Re: [GENERAL] Local authentication/security

2007-08-24 Thread Richard Huxton
Lange Marcus wrote: Not that it matters in your case. The password might as well be "password" - if they get access to the files/application, it's game over. What about having some of the columns encrypted in the database ? Will that improve things abit ? Not unless you can keep the key pro

Re: [GENERAL] Local authentication/security

2007-08-24 Thread Lange Marcus
> > Is there a way to assure that the database does not get > stored on disk > > ? If my program, everytime it starts, would create or build up the > > database could this database be kept in RAM ? Or does postgres > > automatically create a database file or something ? Do you > understand >

Re: [GENERAL] Local authentication/security

2007-08-24 Thread Richard Huxton
Lange Marcus wrote: Ok. But apart from the risk with having the physical access to the computer, would it be a reasonable safe solution to limit the access with a password then ? So that, assuming a user does not have the possibility to get any kind of root access, there is no way to read or copy

Re: [GENERAL] Local authentication/security

2007-08-23 Thread Lange Marcus
Huxton [mailto:[EMAIL PROTECTED] Sent: den 23 augusti 2007 16:02 To: Lange Marcus; PG-General Mailing List Subject: Re: [GENERAL] Local authentication/security Lange Marcus wrote: > Hi, > > I guess the answer to the 2 questions would be, yes the user will > probably have physical a

Re: [GENERAL] Local authentication/security

2007-08-23 Thread Peter Eisentraut
Lange Marcus wrote: > I would like to be able to restrict the access to a database so that > only a specific program running on the same machine can access it, In postgresql.conf, set unix_socket_permissions = 770 unix_socket_group = postgres and make your program setgid postgres. Or some varia

Re: [GENERAL] Local authentication/security

2007-08-23 Thread Richard Huxton
Lange Marcus wrote: Hi, I guess the answer to the 2 questions would be, yes the user will probably have physical access to the machine, but will not have superuser access. The OS is, atleast for now, windows. I have been looking and searching manuals and so on for different methods but I still

[GENERAL] Local authentication/security

2007-08-23 Thread Lange Marcus
Hello, I would like to be able to restrict the access to a database so that only a specific program running on the same machine can access it, is this possible ? So I would like to have some kind of secure authentication(or something) between the database and the program, and the user running the