| From: | Richard Huxton <dev(at)archonet(dot)com> |
|---|---|
| To: | John McCawley <nospam(at)hardgeus(dot)com> |
| Cc: | Scott Marlowe <smarlowe(at)g2switchworks(dot)com>, Rodrigo Gonzalez <rjgonzale(at)gmail(dot)com>, Leonel Nunez <lnunez(at)enelserver(dot)com>, pgsql general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Separation of clients' data within a database |
| Date: | 2006-12-01 10:22:15 |
| Message-ID: | 45700257.6050305@archonet.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
John McCawley wrote:
>
> Of course I still have to modify my web app and schema to facilitate the
> new security structure, but I was never too worried about handling it in
> my app...My concern was allowing people direct access to the underlying
> DB while a) blocking them from viewing others' data, and b) without
> having to drastically modify the fundamental structure of my app.
I'd be tempted by your idea of copying the data to separate databases.
Reduces impact on your app and gives you one crucial point to test
against. The disadvantage is that it will only work for the simple
per-user split you describe, nothing more complex.
Oh, and don't forget that users can see other user and database names.
--
Richard Huxton
Archonet Ltd
| From | Date | Subject | |
|---|---|---|---|
| Next Message | veejar | 2006-12-01 10:24:54 | Restoring database from files on disk |
| Previous Message | Richard Huxton | 2006-12-01 10:16:05 | Re: named cache |