| From: | Kenneth Downs <ken(at)secdat(dot)com> |
|---|---|
| To: | Bill Moran <wmoran(at)potentialtech(dot)com> |
| Cc: | Kevin Hunter <hunteke(at)earlham(dot)edu>, PostgreSQL General List <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: HIPPA (was Re: Anyone know ...) |
| Date: | 2007-03-09 17:33:45 |
| Message-ID: | 45F19A79.5010703@secdat.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Bill Moran wrote:
>>> If a user has not logged in, that is, if they are an anonymous visitor,
>>> the web framework will connect to the database as the default "public"
>>> user. Our system is deny-by-default, so this user cannot actually read
>>> from any table unless specifically granted permission. In the case
>>> being discussed, the public user is given SELECT permission on some
>>> columns of the insurance carriers table, and on the schedules table.
>>>
>> Huh. Does that imply that the web framework still holds a number of
>> different DB credentials? Or does each user need to supply their
>> specific DB credentials as their authentication so the web framework is
>> merely a proxy to the DB?
>>
>> (Having recently discovered a major security oversight in one of my
>> employer's webapps, my mind's hot on this kind of thing.)
>>
>
> What's hot in my mind is "how do you securely maintain the database connection
> information between page loads?"
>
>
I suppose we could ask JP Morgan Chase bank what they do. As I
mentioned to Kevin, sooner or later the security implementation comes
down to sessions, the user's protection of their password, whether to
use certificates, whether to use dongles, etc.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe | 2007-03-09 17:35:39 | Re: [SQL] Statistics |
| Previous Message | Kenneth Downs | 2007-03-09 17:31:16 | Re: HIPPA (was Re: Anyone know ...) |