| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | ctnan(at)adinet(dot)com(dot)uy |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: access rights |
| Date: | 2004-09-20 15:49:13 |
| Message-ID: | 20040920154913.GA30575@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Sun, Sep 19, 2004 at 02:01:10 -0300,
ctnan(at)adinet(dot)com(dot)uy wrote:
> I need a data base to install with my application, but i want that it can
> be accessed only by the application. Because it runs on the customer computer
> and i dont want he be able to watch into my database. It is posible. I mean:
> if my postgres database is on his Windows 2000 and he has the Administrator
> password. He have the posibility to view database structure or data? The
> only way to access my postgres database is having the postgres administrator
> password?
>
> Sorry for english and thanks for your time
You can't trust code that is running on hardware under control of an
adversary. There are some things you can do to limit the use of the
database by your adversary (i.e. customer). You might want to read the
book "Translucent Databases".
| From | Date | Subject | |
|---|---|---|---|
| Next Message | rjyoung | 2004-09-20 16:04:36 | Postgres setup question |
| Previous Message | Tom Lane | 2004-09-20 14:40:25 | Re: pg_dumpall failed |