Thread: Security with PostgreSQL

Hi ,

I have questions, described above, about Security with postgreSQL :

Security:

To analyse PostgreSQL through the following 3 requirements:

1. Authentication
    integration with existing authentication such as Windows, Kerberos,
etc.

2. Authorisation
    How does the app/db restrict access rights to certain group of users

3. Accountability
    Audit trail - linking users to all transactions.

Thanks for your quick answer.
Rds,
Serge Perrier

Hi, this is a better question for pgsql-general, but you should find
what you need here:

http://www.postgresql.org/docs/8.2/interactive/client-authentication.html
http://www.postgresql.org/docs/8.2/interactive/user-manag.html

With accountability, if you use stored procedures to process your data
you could call self-constructed auditing functions, and you can of
course log all of your transactional data:

http://www.postgresql.org/docs/8.2/interactive/runtime-config-logging.html

But this will be logging SQL statements and associated information.

Regards,

Gavin Roy

On 10/16/07, Serge.Perrier <spi@bow.intnet.mu> wrote:
> Hi ,
>
> I have questions, described above, about Security with postgreSQL :
>
> Security:
>
> To analyse PostgreSQL through the following 3 requirements:
>
> 1. Authentication
>     integration with existing authentication such as Windows, Kerberos,
> etc.
>
> 2. Authorisation
>     How does the app/db restrict access rights to certain group of users
>
> 3. Accountability
>     Audit trail - linking users to all transactions.
>
> Thanks for your quick answer.
> Rds,
> Serge Perrier
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Have you searched our list archives?
>
>                http://archives.postgresql.org
>