On Tue, 2006-12-05 at 10:01, dev.department wrote:
>
>
>
> Dear Sirs,
>
> We're a softwarehouse who is considering the possibility to insert the
> PostgreSQL 8.1 database in our software.
> How can we prevent the visualization of structure and data (tables,
> views, etc.) of a PostgreSQL 8.1 database? Keep present that the
> person who has installed PostgreSQL 8.1 is the administrator of the
> PC in which it it installed, and so he could modify the configuration
> files of PostgreSQL 8.1 server (for example files as "pg_hba.conf",
> "postgresql.conf", ecc.).
>
> We've also seen that command "pg_dump" allows to visualize all
> structures and data of a database simply knowing the user name and
> not his password...
You can't. Even if postgresql tried to make it possible, it would be
wasted effort. anyone with any hacking knowledge could override it.
If you don't want people doing that, then host the database yourself, on
your own servers, and don't let the users directly log in.
