Re: Deployment of PostgreSQL Applications - Mailing list pgsql-general
| From | Jason Earl |
|---|---|
| Subject | Re: Deployment of PostgreSQL Applications |
| Date | |
| Msg-id | 20010831192713.1498.qmail@web10004.mail.yahoo.com Whole thread Raw |
| In response to | Re: Deployment of PostgreSQL Applications ("Mitch Vincent" <mvincent@cablespeed.com>) |
| List | pgsql-general |
Not only is it impossible to keep systems administrators from being able to "peek" into your database, but those kind of controls tend to tick us off. After all, we get paid for watching out for systems, developers that make our lives difficult do not get our business. What happens if we already have a PostgreSQL server and want to use your software with it? Or worse yet, what happens when we install your software and it installs another version of PostgreSQL on the machine that conflicts with another version we already have installed (they want to use the same port for example)? Normal systems administrators are not interested in stealing your data model, but they probably will be interested in reindexing tables manually, scripting a backup, and other such tasks that require having access to the table. If you deny them access to the database containing *their* data, then they will look around for alternatives. What's more, companies like having access to the data model so that they can integrate the software with other packages that they might have. Or does your software do *everything*. Your competitors will be able to "borrow" your data model no matter what you do. There's no sense aggravating your customers. --- Mitch Vincent <mvincent@cablespeed.com> wrote: > > 2) More importantly, is it possible to prevent a > customer from peeking > into > > said database once it is deployed on their > machine? A large part of what > > makes my application proprietary is the data model > in the database, and > it'd > > be tough to maintain a competative edge when > everyone can see exactly how > I > > do things in the database by logging into their > postgres account, adding > > some users and changing permissions on their > machine. I really need to > make > > sure the database is bulletproof before I can > begin deployment. > > If the people that have your application have > physical access (or even > remote superuser access) to the machine on which the > database resides then > there is little you could do to prevent a > knowledgeable person from getting > anything he/she wanted from the database, > circumventing the PostgreSQL > security measures by reading the information right > off the disk... I don't > know how hard or easy it would be to get meaningful > information this way but > it's always going to be possible when people have > superuser/physical access > to the machine. > > -Mitch > > > > ---------------------------(end of > broadcast)--------------------------- > TIP 2: you can get off all lists at once with the > unregister command > (send "unregister YourEmailAddressHere" to majordomo@postgresql.org) __________________________________________________ Do You Yahoo!? Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger http://im.yahoo.com
pgsql-general by date: