| From: | Casey Allen Shobe <cshobe(at)bepress(dot)com> |
|---|---|
| To: | Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com> |
| Cc: | Christophe <xof(at)thebuild(dot)com>, "Postgres General List" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Oracle and Postgresql |
| Date: | 2008-09-25 19:48:44 |
| Message-ID: | 1EDC6FD9-A8B4-49B9-B002-49753071DCA0@bepress.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-www |
On Sep 15, 2008, at 1:15 PM, Scott Marlowe wrote:
> But whether it's oracle or postgresql, this is just security through
> obscurity. If you have root access on the server either method would
> be trivial to hack.
You just contradicted yourself. If you have root access on the server
all bets are off, period. No database security at all applies any
longer. Even just non-privileged read access to the files is
sufficient.
Database-level security only pertains to accesses within the database,
and for this reason, it would not be security through obscurity,
unless you could work around it by querying the catalog tables as a
non-superuser.
Cheers,
--
Casey Allen Shobe
Database Architect, The Berkeley Electronic Press
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Martin Gainty | 2008-09-25 19:50:03 | Re: Oracle and Postgresql |
| Previous Message | Casey Allen Shobe | 2008-09-25 19:45:23 | Re: Oracle and Postgresql |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Martin Gainty | 2008-09-25 19:50:03 | Re: Oracle and Postgresql |
| Previous Message | Casey Allen Shobe | 2008-09-25 19:45:23 | Re: Oracle and Postgresql |