Re: Deployment of PostgreSQL Applications

From: "Mitch Vincent" <mvincent(at)cablespeed(dot)com>
To: <pgsql-general(at)postgresql(dot)org>
Subject: Re: Deployment of PostgreSQL Applications
Date: 2001-08-31 14:15:59
Message-ID: 005801c13227$75a5ad70$be615dd8@mitch
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

> 2) More importantly, is it possible to prevent a customer from peeking
into
> said database once it is deployed on their machine? A large part of what
> makes my application proprietary is the data model in the database, and
it'd
> be tough to maintain a competative edge when everyone can see exactly how
I
> do things in the database by logging into their postgres account, adding
> some users and changing permissions on their machine. I really need to
make
> sure the database is bulletproof before I can begin deployment.

If the people that have your application have physical access (or even
remote superuser access) to the machine on which the database resides then
there is little you could do to prevent a knowledgeable person from getting
anything he/she wanted from the database, circumventing the PostgreSQL
security measures by reading the information right off the disk... I don't
know how hard or easy it would be to get meaningful information this way but
it's always going to be possible when people have superuser/physical access
to the machine.

-Mitch

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Martijn van Oosterhout 2001-08-31 14:17:27 Re: Create table syntax
Previous Message Martijn van Oosterhout 2001-08-31 14:13:52 Re: Deployment of PostgreSQL Applications