I would like to be able to assert that the security of data stored as a
value in a PostgreSQL table can be as high as the security of saving
that same piece of data to a file on disk. Would that be correct?
I can set table permissions, and even use rules to enforce row level
access rights. Of course, the PostgreSQL superuser can circumvent any
of these efforts, but that's no different than having root on the OS.
There are a number of reasons I'd like to think this, but just to pick a
concrete example. Let's say I wanted to implement something analogous
to the unix shadow password file. I have a table full of usernames and
digested passwords. I set up a rule so that only the username
associated with a particular record has access to read or modify the
password digest for that record. Unix file permissions restrict access
to the the data on disk to the postgres user.
This actually seems *more* secure to me than the unix shadow password
file, because I can do row level permission checking.
Is there some reason I'm not thinking of that it would be crazy to
consider using PostgreSQL as a secure data store? Of course I must
always fear my own incompetance, but that applies to any system, not
just PostgreSQL.
--
Ron Peterson
Network & Systems Manager
Mount Holyoke College
http://www.mtholyoke.edu/~rpeterso