Re: Securing Postgres - Mailing list pgsql-general

From Richard Huxton
Subject Re: Securing Postgres
Date
Msg-id 4343F67C.4030104@archonet.com
In response to Re: Securing Postgres  (L van der Walt <mailing@lani.co.za>)
List pgsql-general
L van der Walt wrote:
> Richard Huxton wrote:
>
>> L van der Walt wrote:
>>
>>> The big problem is that the administrators work for the client and
>>> not for me.  I don't want the client to reverse engineer my database.
>>> There might be other applications on the server so the administrators
>>> do require root access.

>> Well, if it's your client's machine, then any competent
>> administrator will be able to work around anything you do. They set
>> the ground-rules you work in - you could be running inside a virtual
>> machine and never know.

>> Are your clients really so dishonest that they'd break into the
>> database and take the necessary steps to hide their tracks too?

> No, I cannot trust the client's administrators.

Then you really need to have your own machine.

> I have played now with MySQL and with MySQL you can change the password
> for root in MySQL (same as postgres in PostgreSQL).  If you use the
> command line tools like dump you require the password.  Just because
> you're root doesn't mean you're root in MySQL.

Oh, you can stop playing. But you won't stop a determined administrator
for more than about 5 minutes with just a password.

> Can one separate the user postgres in PostgreSQL from the user postgres
> in Linux (the OS)?

Naturally - just set your pg_hba.conf to use passwords rather than
ident. See the manuals for details.

--
   Richard Huxton
   Archonet Ltd
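
An added example, not part of the original message: a small Python check that reads pg_hba.conf text and reports the rules that admit the postgres role by OS identity (ident, peer) or with no check at all (trust) instead of a password method. The function names and the sample file are constructed for illustration, and fields are assumed to be whitespace-separated with no quoting.

```python
import ipaddress

OS_IDENTITY = {"ident", "peer"}   # database role follows the OS account
NO_AUTH = {"trust"}               # anyone who can connect is accepted

def _is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def parse_hba(text):
    """Yield (lineno, conn_type, users, method) for each rule line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, tokenise
        if not fields:
            continue
        if fields[0] == "local":
            idx = 3                              # local db user method
        elif fields[0].startswith("host"):
            # "address method" or the older "IP-address IP-mask method" layout
            idx = 5 if len(fields) > 5 and _is_ip(fields[4]) else 4
        else:
            continue
        if len(fields) > idx:
            yield lineno, fields[0], fields[2].split(","), fields[idx]

def audit(text, role="postgres"):
    """Return rules that let `role` in without a password check."""
    findings = []
    for lineno, conn, users, method in parse_hba(text):
        if role not in users and "all" not in users:
            continue
        if method in OS_IDENTITY:
            findings.append((lineno, conn, method, "role tied to OS account"))
        elif method in NO_AUTH:
            findings.append((lineno, conn, method, "no authentication"))
    return findings

SAMPLE = """\
# TYPE  DATABASE  USER      ADDRESS                     METHOD  (constructed sample)
local   all       postgres                              ident sameuser
local   all       all                                   md5
host    all       all       127.0.0.1  255.255.255.255  trust
host    appdb     appuser   192.168.0.0/24              md5
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

PostgreSQL uses the first pg_hba.conf record that matches a connection, so a flagged rule only matters if it is reached before a password rule for the same connection type, database and user.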
