On Fri, Feb 03, 2006 at 19:15:37 -0500,
Chris Browne <cbbrowne@acm.org> wrote:
>
> But it is fairly common for applications to not expose database users
> to the application users.
>
> For instance, the SAP R/3 system (which doesn't use PostgreSQL; it
> typically uses Oracle) generally runs as just one database user.
And doing this in the wrong circumstances is a big security whole.
For example, giving someone two tier access in Peoplesoft, gives away the
whole system because the application is running in an untrusted environment
and is connecting as a database user that full access to all of the Peoplesoft
tables.
> Likewise, it is common for a web application to have one or just a few
> "database users;" think of Slashdot, where there is not really any
> reason for each of the many thousands of users to be identifiable
> inside the database.
This isn't the same problem for use with web services, since typically the
web server is running in a trusted environment. However, it can make it
easier to escalate access in the event of a security breach.