Re: Multi tenancy : schema vs databases

From: Vick Khera <vivek(at)khera(dot)org>
To: "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org>
Subject: Re: Multi tenancy : schema vs databases
Date: 2016-09-30 14:36:56
Message-ID: CALd+dccruVQXNY4earcb7bQXe6XOHAbajAhNphBYjwaQJP0_Kw@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On Fri, Sep 30, 2016 at 6:06 AM, Rakesh Kumar
<rakeshkumar464(at)outlook(dot)com> wrote:
> A typical fear mongering Q from
> them "what if due to a bug in your s/w, our competitors end up looking at our data" or
> something like that. That's why schema level vs db level discussion.

So... if your software isolates customers based on a "customer_id"
field in a table, how is that less secure than isolating a customer
based on the schema? Ie, you've just moved the customer_id field from
a column to part of the table name itself. One step up from that, what
keeps your software from selecting the wrong customer_id database name
too? See, it is all just *where* you put the distinguishing name...

For your resource question, having multiple DBs require each to have
its own handle within your app. When you have many simultaneous users,
you have lots and lots of file handles to manage. You want to minimize
the number of connections to the postgres server itself.

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Andrew Dunstan 2016-09-30 14:53:56 Re: [GENERAL] pg_upgrade from 9.5 to 9.6 fails with "invalid argument"
Previous Message Vick Khera 2016-09-30 14:33:25 Re: Multi tenancy : schema vs databases