Is PGSQL enough safe for internet? - Mailing list pgsql-general

From durumdara
Subject Is PGSQL enough safe for internet?
Msg-id 49C0B1B8.2020508@gmail.com
Responses Re: Is PGSQL enough safe for internet?  (Richard Huxton <dev@archonet.com>)
Re: Is PGSQL enough safe for internet?  (Ivan Sergio Borgonovo <mail@webthatworks.it>)
List pgsql-general
Hi!

I need to suggest a database server for my friend. He has a Win2003
server machine.

He finished his web application (Python), but he needs to do some remote
operations.
His project is inherited by another developer with some limitations :-(.
The user has an application.exe (Delphi) to define some information,
make some decisions, and manage the products.
When the user has finished his/her job, he/she can upload the new elements
to the server.

The web application works on the server; it is a shop-like thing.
But it doesn't have a web admin interface. The admin interface is realized with
the Delphi application, with a direct connection to the DB server.

So the shop admin needs to upload the modifications, and needs to
download the statistics and other information from the DB to the
admin's machine.

This old project uses DBISAM. But the new developer wants to port to PG,
because the DBISAM server doesn't like Linux.
The web interface is done, but he needs to determine how to realize the
managing and the statistics making.
He doesn't want to rewrite the client application as a web interface. He
wants to solve only the download and upload problems.
In the old project these operations use DBISAM queries with direct
connections to the DB server.

The new developer wants to make a simple solution, and at first this can
only be a direct DB server connection. He asked me which DB I suggest.
I know that Zeos can access PG databases from Delphi, but I don't know
whether PGSQL is safe enough to open its main port to the net. It is a
dangerous thing (I think), because this PGSQL server serves more,
important databases which we don't want to publish.

Possibly he can install another pgsql service that can be opened to
the net and that can be used for ONLY THIS PROJECT. But I don't know
whether that is possible or not, and how to upgrade later, if needed... :-(

Can I define in PGSQL which databases can be read from the localhost, and
which from the net?

Can I separate these databases to decrease the dangers? Not physically
- in some other way, to hide the private DBs.

Can I use some functions in PGSQL to make some protection rules? Like in
mail servers: if the IP is the same and the pwd is wrong X times, the IP
is blocked for N hours...

Last idea, if opening the port is not too good: convert
uploads/downloads to XML, so the client/server can read/write these
packages.
But this is hard to realize (convert all information to the same schema),
and it needs to be protected also...

Please help me (so that I can help my friend)!

Thanks for it!
    dd



