| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | "Dearman, Rick" <rick(dot)dearman(at)teamuk(dot)telstra(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Create a cache DB between web portal and internal DB? |
| Date: | 2004-12-21 14:44:27 |
| Message-ID: | 20041221144427.GB8895@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, Dec 20, 2004 at 17:21:02 -0000,
"Dearman, Rick" <rick(dot)dearman(at)teamuk(dot)telstra(dot)com> wrote:
> I have a requirement from my security manager but I can't seem to find a good solution. So I wondered if someone had done something similar.
>
> We have a web portal and a DB in PostgreSQL (obviously) which contains user data. The portal is accessed by account managers who have access to only specific user accounts. This all works fine however the concern is that if you ever got access more directly into the DB through a hack, or poorly designed site code, you could potentially access information that you shouldn't.
If the managers access the web site using their DB credentials then you can
enforce the proper access in the DB using views and/or security definer
functions.
If the managers don't have their own DB accounts, then the web application
needs to be trusted and should can spend your effort securing that.
Implementing a cache inbetween doesn't seem help in solving your problem.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marc G. Fournier | 2004-12-21 15:48:28 | Re: RES: RES: NewsForge Poll: Favorite open source database |
| Previous Message | Bruno Wolff III | 2004-12-21 14:38:42 | Re: Need help to organize database |