Skip site navigation (1) Skip section navigation (2)

Re: Connecting remotely - multi tier

From: Greg Speegle <Greg(at)10happythings(dot)com>
To: pgsql-interfaces(at)postgresql(dot)org
Subject: Re: Connecting remotely - multi tier
Date: 2000-11-02 20:32:49
Message-ID: 3A01CF71.B5613B21@10happythings.com (view raw or flat)
Thread:
Lists: pgsql-interfaces
Good point. I should know better than to say anything has to be done
a particular way, as there will always be different environments with
different requirements. However, I would always be reluctant to
expose the database to the world if it contained anything important.

Greg Speegle

Adam Lang wrote:

> But if you are an inhouse developer and the database is only in huse and the
> client is only in house and the database is not open to the public, do you
> still have to use development time to build that "middle tier" just so you
> can roll out an app that uses the company database?
>
> Adam Lang
> Systems Engineer
> Rutgers Casualty Insurance Company
> ----- Original Message -----
> From: "Greg Speegle" <Greg(at)10happythings(dot)com>
> To: <pgsql-interfaces(at)postgresql(dot)org>
> Sent: Thursday, November 02, 2000 2:42 PM
> Subject: Re: [INTERFACES] Connecting remotely - multi tier
>
> >
> >
> > keke abe wrote:
> >
> > > Adam Lang wrote:
> > >
> > > > Ok... so if I am writing a distributed application in windows that
> will use
> > > > a Postgresql backend, I should have the client interface another
> "server"
> > > > application, which will inturn access/retrieve informaton from the
> database?
> > >
> > > I'd like to know if this kind of layering is mandatory or not. Is it
> really
> > > unacceptable to expose the Posgresql backend to the rest of the world?
> Is
> > > there anything that I should be aware of if I let the clients to talk to
> > > the backend directly.
> > >
> > > regards,
> > > abe
> >
> > I'd say it is mandatory. You are opening yourself up as an easy target for
> > hackers if they can go directly to your database. Think about it. If any
> > hole in the database security is discovered, then your goose is cooked
> > right away. Getting the database off the web and behind a firewall should
> > be the least you do. That gives you two levels of protection -- the
> firewall
> > and the database.
> >
> > Plus, on the postgresql side, it is much easier to have one restricted
> user
> > account from one specific machine than to try to manage thousands of
> > dynamically created accounts.
> >
> > Just my opinion, of course.
> >
> > Greg Speegle
> >


In response to

pgsql-interfaces by date

Next:From: Clark, JoelDate: 2000-11-02 21:49:09
Subject: RE: Connecting remotely - multi tier
Previous:From: Adam LangDate: 2000-11-02 19:57:02
Subject: Re: Connecting remotely - multi tier

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group