Re: PostgreSQL For Beginners - Mailing list pgsql-general

From Andy Colson
Subject Re: PostgreSQL For Beginners
Date
Msg-id 4D4ACF61.1030103@squeakycode.net
Whole thread Raw
In response to PostgreSQL For Beginners  (Kenneth Buckler <kenneth.buckler@gmail.com>)
List pgsql-general
On 2/3/2011 9:31 AM, Kenneth Buckler wrote:
> I'm probably going to be presenting to a mixed audience, some of the
> developers will have extensive Oracle knowledge, some will have MS SQL
> Server experience.  Plus, I'm not extremely familiar with Oracle, so
> trying to compare the two would not work well for me.
>
> My main focus for this presentation will be to outline how PostgreSQL
> syntax works, regardless of what server the developer has experience
> with.
>
> With regards to the security issues, unfortunately the developers in
> question have never programmed with security in mind from the
> beginning, only as an afterthought, sometimes resulting in having to
> choose between rebuilding a system completely to comply with security
> requirements, or try to get an exception granted.  This usually
> results in something to the effect of "why won't you security people
> just leave us alone and stop making us rebuild our systems".  I'm
> trying to avoid rebuilding systems, and hope to have security as part
> of the design of the database system.
>
> I've already got a good idea what to touch on for the security
> aspect...just trying to figure out what should be included as far as
> "Here's how you do THIS in PostgreSQL"
>
> Ken
>

Ahh, ok.  Here are my thoughts:

1) sql injection
2) over the wire encryption need? PG ssl connections etc.
3) storing connection info:  .ini files? hard code em? etc.
4) HIPAA rules?  storing ssn, credit cards, etc
5) backup security (dont leave the tapes in the front seat of your car)
6) the top secret handshake. :-)

-Andy

pgsql-general by date:

Previous
From: Bill Thoen
Date:
Subject: Re: Why does a normally fast query run so slow when the table is in a partition?
Next
From: Rich Shepard
Date:
Subject: Re: set theory question