Skip site navigation (1) Skip section navigation (2)

Re: access rights

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: ctnan(at)adinet(dot)com(dot)uy
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: access rights
Date: 2004-09-20 15:49:13
Message-ID: 20040920154913.GA30575@wolff.to (view raw or flat)
Thread:
Lists: pgsql-admin
On Sun, Sep 19, 2004 at 02:01:10 -0300,
  ctnan(at)adinet(dot)com(dot)uy wrote:
> I need a data base to install with my application, but i want that it can
> be accessed only by the application. Because it runs on the customer computer
> and i dont want he be able to watch into my database. It is posible. I mean:
> if my postgres database is on his Windows 2000 and he has the Administrator
> password. He have the posibility to view database structure or data? The
> only way to access my postgres database is having the postgres administrator
> password?
> 
> Sorry for english and thanks for your time

You can't trust code that is running on hardware under control of an
adversary. There are some things you can do to limit the use of the
database by your adversary (i.e. customer). You might want to read the
book "Translucent Databases".

In response to

pgsql-admin by date

Next:From: rjyoungDate: 2004-09-20 16:04:36
Subject: Postgres setup question
Previous:From: Tom LaneDate: 2004-09-20 14:40:25
Subject: Re: pg_dumpall failed

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group