But if you are an inhouse developer and the database is only in huse and the
client is only in house and the database is not open to the public, do you
still have to use development time to build that "middle tier" just so you
can roll out an app that uses the company database?
Adam Lang
Systems Engineer
Rutgers Casualty Insurance Company
----- Original Message -----
From: "Greg Speegle" <Greg@10happythings.com>
To: <pgsql-interfaces@postgresql.org>
Sent: Thursday, November 02, 2000 2:42 PM
Subject: Re: [INTERFACES] Connecting remotely - multi tier
>
>
> keke abe wrote:
>
> > Adam Lang wrote:
> >
> > > Ok... so if I am writing a distributed application in windows that
will use
> > > a Postgresql backend, I should have the client interface another
"server"
> > > application, which will inturn access/retrieve informaton from the
database?
> >
> > I'd like to know if this kind of layering is mandatory or not. Is it
really
> > unacceptable to expose the Posgresql backend to the rest of the world?
Is
> > there anything that I should be aware of if I let the clients to talk to
> > the backend directly.
> >
> > regards,
> > abe
>
> I'd say it is mandatory. You are opening yourself up as an easy target for
> hackers if they can go directly to your database. Think about it. If any
> hole in the database security is discovered, then your goose is cooked
> right away. Getting the database off the web and behind a firewall should
> be the least you do. That gives you two levels of protection -- the
firewall
> and the database.
>
> Plus, on the postgresql side, it is much easier to have one restricted
user
> account from one specific machine than to try to manage thousands of
> dynamically created accounts.
>
> Just my opinion, of course.
>
> Greg Speegle
>