Re: Authentication method for web app

From: Ivan Voras <ivoras(at)freebsd(dot)org>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: Authentication method for web app
Date: 2010-05-13 09:56:19
Message-ID: hsgic3$279$1@dough.gmane.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 05/13/10 09:21, Leonardo F wrote:
> Hi all,
>
>
> we're going to deploy a web app that manages users/roles for another
> application.
>
> We want the database to be "safe" from changes made by malicious
> users.
>
> I guess our options are:
>
> 1) have the db listen only on local connections; basically when the
> machine is accessed the db could be "compromised". Hardening the
> server access is the only true security defense we have.
>
> 2) Use, as user/password, the same user/password used to
> enter the web app. Basically there would be a 1 to 1 matching between
> our app users (and password...) and the db users (with proper
> permissions...)
>
> I'm not a great expert on these things (as you've already guessed...).
>
> Can someone help me?

As you already figured out, the key is protecting both the application
and the db server from intrusions. If anyone gets unauthorized access to
either of them, especially if it's root access, any and all security you
build on top of that will in all likelihood collapse.

Personally I would lean toward making the bulk of security within the
application so to simplify everything - the database would do what it
does best - store and manipulate data - and the application would be the
single point of entry. Protect the servers - keep the applications (like
ssh, php, apache, your application) updated and make sure you have good
and frequent backups.

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message I. B. 2010-05-13 10:04:56 Re: Persistence problem
Previous Message Andrew Dunstan 2010-05-13 08:46:43 Re: [HACKERS] Retiring from the PostgreSQL core team