Lange Marcus wrote:
> Ok. But apart from the risk with having the physical access to the
> computer, would it be a reasonable safe solution to limit the access
> with a password then ? So that, assuming a user does not have the
> possibility to get any kind of root access, there is no way to read
> or copy the database unless you login as the correct user ? And if
> only the program knows the password, then the user running the
> program will not be able to access the database, except through the
> program ?
Make sure that only the postgres user can read/write the database files.
Make sure that only the application has a password to access the database.
Make sure that there aren't any tools that let you trap
system-calls/dump memory as an unprivileged user.
> Is there a way to assure that the database does not get stored on
> disk ? If my program, everytime it starts, would create or build up
> the database could this database be kept in RAM ? Or does postgres
> automatically create a database file or something ? Do you understand
> what i mean ?
You could create a ramdisk, then create the database on that. Of course,
if you lose power then you lose your data. Check the manuals for details
on "tablespaces" for how to have some DB objects in a different location.
> Another question, are md5 passowords supported under windows ?
Any reason why they shouldn't be?
Not that it matters in your case. The password might as well be
"password" - if they get access to the files/application, it's game over.
--
Richard Huxton
Archonet Ltd
