| From: | Adam Tauno Williams <awilliam(at)opengroupware(dot)us> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: postgresql.key secure storage |
| Date: | 2009-09-13 12:39:31 |
| Message-ID: | 1252845571.14166.11.camel@linux-m3mt |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
> An application using libpq would require that the private unencrypted key be
> deployed to the end user, together with the public key and trust cert. This
> would mean if the end user is curious enough and computer litterate, he can
> bypass the client application and make a direct connection to the server with
> psql for example. It's then possible to issue commands like TRUNCATE TABLE...
Sorry, I don't know anything about postgresql.key; but regardless of
how you identify and authenticate you need to secure your database from
rogue user actions.
A user must have the TRUNCATE privilege to truncate a table or be the
tables owner.
OGo=> truncate table person;
ERROR: must be owner of relation person
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alban Hertroys | 2009-09-13 12:55:29 | How to match sets? |
| Previous Message | Adam Tauno Williams | 2009-09-13 12:23:23 | Re: postgresql.key secure storage |