Good point. I should know better than to say anything has to be done
a particular way, as there will always be different environments with
different requirements. However, I would always be reluctant to
expose the database to the world if it contained anything important.
Adam Lang wrote:
> But if you are an inhouse developer and the database is only in huse and the
> client is only in house and the database is not open to the public, do you
> still have to use development time to build that "middle tier" just so you
> can roll out an app that uses the company database?
> Adam Lang
> Systems Engineer
> Rutgers Casualty Insurance Company
> ----- Original Message -----
> From: "Greg Speegle" <Greg(at)10happythings(dot)com>
> To: <pgsql-interfaces(at)postgresql(dot)org>
> Sent: Thursday, November 02, 2000 2:42 PM
> Subject: Re: [INTERFACES] Connecting remotely - multi tier
> > keke abe wrote:
> > > Adam Lang wrote:
> > >
> > > > Ok... so if I am writing a distributed application in windows that
> will use
> > > > a Postgresql backend, I should have the client interface another
> > > > application, which will inturn access/retrieve informaton from the
> > >
> > > I'd like to know if this kind of layering is mandatory or not. Is it
> > > unacceptable to expose the Posgresql backend to the rest of the world?
> > > there anything that I should be aware of if I let the clients to talk to
> > > the backend directly.
> > >
> > > regards,
> > > abe
> > I'd say it is mandatory. You are opening yourself up as an easy target for
> > hackers if they can go directly to your database. Think about it. If any
> > hole in the database security is discovered, then your goose is cooked
> > right away. Getting the database off the web and behind a firewall should
> > be the least you do. That gives you two levels of protection -- the
> > and the database.
> > Plus, on the postgresql side, it is much easier to have one restricted
> > account from one specific machine than to try to manage thousands of
> > dynamically created accounts.
> > Just my opinion, of course.
> > Greg Speegle
In response to
pgsql-interfaces by date
|Next:||From: Clark, Joel||Date: 2000-11-02 21:49:09|
|Subject: RE: Connecting remotely - multi tier|
|Previous:||From: Adam Lang||Date: 2000-11-02 19:57:02|
|Subject: Re: Connecting remotely - multi tier|