Postgres has its uses though it can be a bit archaic in the maintenance and configuration points, which is dissapointing for what that db could be. Scalability wise it is not "puny" and is very highly scalable db, about 90% as scalable as oracle for about 100,000$ less. However, I agree with derek completely, sap-db is an excellent database on par with db2 and oracle for sql services (although I don't beleive it has the latest features for xml binding etc). It has windows based management configuration utilities similiar to what is found with those. I am not sure what the linux config utilities are like at this time (besides the cli). My only complaints deal with compiling it yourself, though the process is getting better. Beware that it demands as many "resources/per performance unit" as oracle or db2. It probably isn't suited well for lightweight situations (neither are oracle or db2). Security is as robust and powerful as the aforementioned. Of course it also requires security in the os as well, particularly in linux, similiar to the big 2. Sincerely, David Uhlman CTO 50km Inc. office(877-571-7679) mobile(602-770-9551) fax(509-752-3882) email(duhlman@50km.com) ----- Original Message ----- From: "Trent Shipley" To: "PLUG Discuss" Sent: Friday, August 02, 2002 8:28 PM Subject: Posgres security > I have been looking at PostgreSQL. > > Having gotten used to Oracle 8.1 Postgres seems a bit puny. However, it is > clearly a compentent little ORDBMS with an unbeatable Initial Cost of > Ownership. > > Unfortunately, all the documentation seems to indicate that security is weak > to the point of non-existance. To secure a Pgsql database secure the *NIX > box where it lives and let no one but the Sys Admin, DBA, very trusted > developers (and trusted code) have user accounts on the database. Everyone > else connects through a trusted application or not at all. > > Most important, I can't find anyway to keep a normal user from creating > tables, indexes or other objects. Furthermore, it looks like a user defaults > to access to objects. Just as bad, Postgres has no extensions to SQL-92/99 > security so GRANT/REVOKE must be done object by object. > > I write this in the hope that I am thoroughly mistaken and some kind citizen > will correct my errors. > ________________________________________________ > See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail. > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >