Posgres security

David Uhlman plug-discuss@lists.plug.phoenix.az.us
Sat, 3 Aug 2002 00:17:31 -0700 

Postgres has its uses though it can be a bit archaic in the maintenance and
configuration points, which is dissapointing for what that db could be.
Scalability wise it is not "puny" and is very highly scalable db, about 90%
as scalable as oracle for about 100,000$ less.

However, I agree with derek completely, sap-db is an excellent database on
par with db2 and oracle for sql services (although I don't beleive it has
the latest features for xml binding etc). It has windows based management
configuration utilities similiar to what is found with those. I am not sure
what the linux config utilities are like at this time (besides the cli). My
only complaints deal with compiling it yourself, though the process is
getting better. Beware that it demands as many "resources/per performance
unit" as oracle or db2. It probably isn't suited well for lightweight
situations (neither are oracle or db2).

Security is as robust and powerful as the aforementioned. Of course it also
requires security in the os as well, particularly in linux, similiar to the
big 2.

Sincerely,
David Uhlman
CTO 50km Inc.
office(877-571-7679)
mobile(602-770-9551)
fax(509-752-3882)
email(duhlman@50km.com)
----- Original Message -----
From: "Trent Shipley" <tcshipley@earthlink.net>
To: "PLUG Discuss" <plug-discuss@lists.plug.phoenix.az.us>
Sent: Friday, August 02, 2002 8:28 PM
Subject: Posgres security


> I have been looking at PostgreSQL.
>
> Having gotten used to Oracle 8.1 Postgres seems a bit puny.  However, it
is
> clearly a compentent little ORDBMS with an unbeatable Initial Cost of
> Ownership.
>
> Unfortunately, all the documentation seems to indicate that security is
weak
> to the point of non-existance.  To secure a Pgsql database secure the *NIX
> box where it lives and let no one but the Sys Admin, DBA, very trusted
> developers (and trusted code) have user accounts on the database.
Everyone
> else connects through a trusted application or not at all.
>
> Most important, I can't find anyway to keep a normal user from creating
> tables, indexes or other objects.  Furthermore, it looks like a user
defaults
> to access to objects.  Just as bad, Postgres has no extensions to
SQL-92/99
> security so GRANT/REVOKE must be done object by object.
>
> I write this in the hope that I am thoroughly mistaken and some kind
citizen
> will correct my errors.
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't
post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list  -  PLUG-discuss@lists.plug.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>