We're doing something similar to allow dealers to access relevant parts of a table and not others. Using the Apache user name login works swell and if there's a security problem with it, we haven't bumped into it yet.
Sent from my iPad (please disregard egg freckles)
On Jan 13, 2012, at 11:24 AM, Tom Browder <tom(dot)browder(at)gmail(dot)com> wrote:
> I would appreciate any critique of this security model I want to use
> for my planned web-accessible family database:
> I have a working PostgreSQL running on a remote Linux web server
> running Apache 2. I want to allow web access to a database but want
> to restrict row update to a row owner.
> All access to the site is by SSL/TLS, and I use Apache htdigest
> passwords to control access to the directory containing the database
> Perl cgi scripts.
> I plan to have every table have a field (called 'owner') which will be
> filled in by the accessing user's name when a new row is created (I
> will really use an integer key unique for each user).
> The site user names and passwords will be the same as the database
> user names and passwords.
> I plan to have user names identified through the CGI environment and
> then, for any attempted update of any row in any table, disallow it if
> the user and owner do not match.
> Thanks for any suggestions.
> Best regards,
> Sent via pgsql-novice mailing list (pgsql-novice(at)postgresql(dot)org)
> To make changes to your subscription:
In response to
pgsql-novice by date
|Next:||From: Tom Browder||Date: 2012-01-13 17:38:20|
|Subject: Re: Security Best Practices: Is This Reasonable?|
|Previous:||From: Tom Browder||Date: 2012-01-13 16:24:16|
|Subject: Security Best Practices: Is This Reasonable?|