Data in databases are normally stored in files which can be easily found and
copied off to be analyzed via other programs. Most databases are insecure
in this manner. If you go with Linux, the ability to secure at a file
level is one of the operating systems advantages over some others. The ONLY
way to secure the data is to encrypt it or to not place it on a server that
has easy outside access.
Although I do use PostgreSQL on many projects I still feel that for large
user databases that it would involve too much administration work as many of
the solutions to problems involve dropping/recreating or dumping/rebuilding
from scratch. PostgreSQL also lacks the ability to recover from database
corruption/file corruption on the fly as it lacks transaction logs and the
ability to recover from the logs (e.g. Oracle).
-----Original Message-----
From: Peter Blazso <blazso@deltav.hu>
To: pgsql-general@postgreSQL.org <pgsql-general@postgreSQL.org>
Date: Monday, April 26, 1999 11:25 AM
Subject: [GENERAL] PostgreSQL security
>Hi all,
>
>I'd like to know how secure PostgreSQL is. (its user authentication
>methods, its permissions and rules) Is it easily breakable/hackable or
>not? (I suppose it greatly depends on any other things as well. [e.g.
>the underlying operating system...]) I want to use it under Linux for a
>great database with hundreds of users.
>
>If anyone knows any facts, please share them with me. I'd be very
>grateful.
>
>Thanks so much, in advance,
>Peter Blazso
>
>
