| From: | Vick Khera <vivek(at)khera(dot)org> |
|---|---|
| To: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Multi tenancy : schema vs databases |
| Date: | 2016-09-30 14:36:56 |
| Message-ID: | CALd+dccruVQXNY4earcb7bQXe6XOHAbajAhNphBYjwaQJP0_Kw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Fri, Sep 30, 2016 at 6:06 AM, Rakesh Kumar
<rakeshkumar464(at)outlook(dot)com> wrote:
> A typical fear mongering Q from
> them "what if due to a bug in your s/w, our competitors end up looking at our data" or
> something like that. That's why schema level vs db level discussion.
So... if your software isolates customers based on a "customer_id"
field in a table, how is that less secure than isolating a customer
based on the schema? Ie, you've just moved the customer_id field from
a column to part of the table name itself. One step up from that, what
keeps your software from selecting the wrong customer_id database name
too? See, it is all just *where* you put the distinguishing name...
For your resource question, having multiple DBs require each to have
its own handle within your app. When you have many simultaneous users,
you have lots and lots of file handles to manage. You want to minimize
the number of connections to the postgres server itself.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2016-09-30 14:53:56 | Re: [GENERAL] pg_upgrade from 9.5 to 9.6 fails with "invalid argument" |
| Previous Message | Vick Khera | 2016-09-30 14:33:25 | Re: Multi tenancy : schema vs databases |