Re: Protecting application table structures and data - Mailing list pgsql-admin

From Jim C. Nasby
Subject Re: Protecting application table structures and data
Date
Msg-id 20051215220056.GH40699@pervasive.com
Whole thread Raw
In response to Protecting application table structures and data  (David Pratt <fairwinds@eastlink.ca>)
Responses Re: Protecting application table structures and data
List pgsql-admin
On Thu, Dec 15, 2005 at 05:01:47PM -0400, David Pratt wrote:
> Hi. I am creating a desktop app and am interested in using postgres. I
> started this app with sqlite3 which is nice but not multi-threaded so I
> have run into its limitations.
>
> I want to install postgres on the users machine as part of the set up
> but want the application, if possible, to be the db admin for the
> installed pg server. Is this possible?
>
> I am hoping the application can be admin and create the tables and give
> the machine's user appropriate access without providing direct access to
> admin functions.

You can do this, but remember that anyone who has access to the account
postgresql is running under is going to be able to do pretty much
anything they want. And anyone with administrative access to the machine
will be able to get access to that account.

> Alternatively, is there a way to protect the data structures and data
> through encryption to secure the structures and data in a way that
> cannot be read by a human? Many thanks.

No, there isn't. In fact, I think only Oracle has that capability,
though I could be mistaken.
--
Jim C. Nasby, Sr. Engineering Consultant      jnasby@pervasive.com
Pervasive Software      http://pervasive.com    work: 512-231-6117
vcard: http://jim.nasby.net/pervasive.vcf       cell: 512-569-9461

pgsql-admin by date:

Previous
From: "Jim C. Nasby"
Date:
Subject: Re: Fw: Please guide me.
Next
From: David Pratt
Date:
Subject: Re: Protecting application table structures and data