Re: Restricting queries by the presence of a WHERE clause - Mailing list pgsql-general

From Travis Bauer
Subject Re: Restricting queries by the presence of a WHERE clause
Date
Msg-id Pine.GSO.4.21.0006280731190.4586-100000@piccolo.cs.indiana.edu
In response to Restricting queries by the presence of a WHERE clause  (John Morton <jwm@plain.co.nz>)
Responses Re[2]: Restricting queries by the presence of a WHERE clause
List pgsql-general
Wouldn't it be possible to create a trigger and check for the where clause
there?

----------------------------------------------------------------
Travis Bauer | CS Grad Student | IU |www.cs.indiana.edu/~trbauer
----------------------------------------------------------------

On Wed, 28 Jun 2000, John Morton wrote:

> I'm working on building a system for storing customer credit card details
> for reuse in an ecommerce system. The present design involves keeping the
> shopping cart details, products, orders and mundane customer details in
> one database, and the specific credit card details in another, more
> heavily restricted database.
>
> The heavily restricted database is only accessible from another machine
> running the secure web server. Periodically customers will enter their
> credit card details into that database via forms, and they will need
> access to keep it up to date. They access their record via a
> username/password combo that maps to a unique customer_id, which was
> generated randomly from a pool of 2^92 possible combinations.
>
> No problems so far, until some black hat gets root on the secure web
> server. This doesn't necessarily imply they can get root on the database,
> but it does mean they have the same access as the web server had, so they
> can basically grab all the credit card details with one select query.
>
> What I'd like to be able to do is have the database drop any SELECT,
> UPDATE or DELETE queries unless they have something fairly specific in
> their WHERE clause. As there are no SELECT triggers, I guess it will have
> to involve rules, but it doesn't look like any of them can alter or act on
> what's in a WHERE clause. How deep am I going to have to hack to get this
> sort of functionality working?
>
> [And, no, limiting won't help either :-( They can just loop around a query like
> this: select * from customers where primary_key_field not in
> (list_of_previously_seen_keys); ]
>
> TAI,
> John
>
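
Added example, not part of the original thread: one way to get the effect John asks for (no row is readable without supplying its exact key) is to take table privileges away from the web server's role and expose a keyed lookup function instead. It assumes a PostgreSQL release with `SECURITY DEFINER` functions and is run by a superuser; the role, schema, table, column and function names are all hypothetical.

```sql
-- Added example: all names below are assumptions, not taken from the thread.

CREATE ROLE card_owner NOLOGIN;   -- owns the data, never used to connect
CREATE ROLE webapp LOGIN;         -- the role the secure web server connects as

CREATE SCHEMA vault AUTHORIZATION card_owner;

CREATE TABLE vault.cards (
    customer_id  text PRIMARY KEY,   -- the random identifier described in the post
    card_number  text NOT NULL,
    expiry       text NOT NULL
);
ALTER TABLE vault.cards OWNER TO card_owner;

-- webapp gets no privilege on the schema or the table, so
-- "SELECT * FROM vault.cards" fails with a permission error.
REVOKE ALL ON SCHEMA vault FROM PUBLIC;
REVOKE ALL ON vault.cards FROM PUBLIC;

-- The only read path: the caller must supply the full key, and the
-- equality test on it is fixed inside the function body.
CREATE FUNCTION public.get_card(p_customer_id text)
RETURNS TABLE (card_number text, expiry text)
LANGUAGE sql
STABLE
SECURITY DEFINER                       -- runs with card_owner's privileges
SET search_path = vault, pg_temp       -- pin name resolution inside the function
AS $$
    SELECT c.card_number, c.expiry
    FROM vault.cards AS c
    WHERE c.customer_id = p_customer_id;
$$;
ALTER FUNCTION public.get_card(text) OWNER TO card_owner;

-- Functions are executable by PUBLIC by default; narrow that to webapp.
REVOKE ALL ON FUNCTION public.get_card(text) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION public.get_card(text) TO webapp;

-- As webapp:
--   SELECT * FROM public.get_card('<customer_id>');   -- at most one row
--   SELECT * FROM vault.cards;                         -- permission denied
```

A compromised web server can still call `get_card` for any `customer_id` that passes through it, so this limits bulk extraction rather than per-customer exposure. Updates and deletes would need their own keyed functions built the same way.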

