Home > mailing lists

Re: Securing a db app - RFC - Mailing list pgsql-general

From	Shridhar Daithankar
Subject	Re: Securing a db app - RFC
Date	June 2, 2004 12:36:24
Msg-id	200406021806.14072.shridhar@frodo.hserus.net Whole thread Raw
In response to	Re: Securing a db app - RFC (<btober@computer.org>)
List	pgsql-general

Tree view

On Wednesday 02 June 2004 17:58, btober@computer.org wrote:
> > You can probably use set session authorization. Here are some brief
> > steps.
> >
> > 1. Convert all your users as postgresql database users
>
> If he's going to do this, why bother with hard-coding a single user id
> and password in the application -- why not have the user log in as their
> defined Postgresql user, and let the data base handle all the security
> and permission issues?

In that case he can not use connection pooling. Thats all. Otherwise there is
no need for single user id.

 Shridhar

pgsql-general by date:

From:
Date: 02 June 2004, 12:27:13
Subject: Re: Securing a db app - RFC

From: "Nagib Abi Fadel"
Date: 02 June 2004, 13:09:13
Subject: Creating a session variable in Postgres

Re: Securing a db app - RFC - Mailing list pgsql-general

Previous

Next