Hi David
In the end to make this project practical we basically need to be able to create databases at HQ [and apps to go with them of course] and get the sites to mount the databases agains a PG server but not be able to tamper with the database in any form whatsoever - backing up [we will do that programmatically with pgDump for example] or accessing or whatever. That is what we are wanting to do. If this can be done it will of course cover theft as well as the same behaviour will apply to any other server.
The trust tool that you mentioned - is this universally available to any hacker or theft of the database? So a rogue employee can get their hands not? No special skill required?
Cheers
Andre