Re: Protecting application table structures and data - Mailing list pgsql-admin

From Scott Marlowe
Subject Re: Protecting application table structures and data
Date
Msg-id 1134686525.8351.1.camel@state.g2switchworks.com
Whole thread Raw
In response to Re: Protecting application table structures and data  (David Pratt <fairwinds@eastlink.ca>)
List pgsql-admin
On Thu, 2005-12-15 at 16:23, David Pratt wrote:
> Hi Jim. Many thanks for your reply. I guess this is not so great news. I
> am sort of at a loss as to what direction to take.  I need a db
> connection on a couple of threads minimum in my app but also need to
> ensure that the information is secure.

Let's face facts. The second you hand the user a CDROM with your
application and encoded data on it, and the application has a way to
access it, it's only a matter of time before the user, by hacking the
application, can get access to it.

There is one, and only one, real solution.  Host the data yourself and
require the user to connect remotely to you.

For instances of attempts to make things secure on remote systems, see
the recent Sony - F4I - root kit debacle.

pgsql-admin by date:

Previous
From: David Pratt
Date:
Subject: Re: Protecting application table structures and data
Next
From: Bruno Wolff III
Date:
Subject: Re: reg:Import&Export functions