Re: Create a cache DB between web portal and internal DB?
From | Dick Davies |
---|---|
Subject | Re: Create a cache DB between web portal and internal DB? |
Date | |
Msg-id | 20041221103134.GB12067@lb.tenfour |
In response to | Create a cache DB between web portal and internal DB? ("Dearman, Rick" <rick.dearman@teamuk.telstra.com>) |
Responses | Re: Create a cache DB between web portal and internal DB? |
List | pgsql-general |
* Dearman, Rick <rick.dearman@teamuk.telstra.com> [1245 05:45]:
> I have a requirement from my security manager but I can't seem to find a good solution.
> So I wondered if someone had done something similar.
>
> We have a web portal and a DB in PostgreSQL (obviously) which contains user data.
> The portal is accessed by account managers who have access to only specific user accounts.
> This all works fine however the concern is that if you ever got access more directly
> into the DB through a hack, or poorly designed site code,
> you could potentially access information that you shouldn't.
>
> So the idea that he is floating is we create a cache DB between the portal and the
> main DB which will only keep the information currently being worked on by the person logged in,

If I was you, I'd have major concerns and have a chat with the manager in question.

How is that going to help anything - surely the cache DB would have to do a query
to populate itself anyway, which you have to check to gain any security benefit?
You're in a similar boat for updates.

If you're going to check the queries it makes somehow, just do those checks on the
queries you get in the first place.

This sounds like a pain in the arse to implement, maintain and debug with no benefits.
Far better to spend that time cleaning up your application code and implementing a
decent backup policy.

--
'A little rudeness and disrespect can elevate a meaningless interaction
into a battle of wills and add drama to an otherwise dull day.'
        -- Calvin discovers Usenet

Rasputin :: Jack of All Trades - Master of Nuns