This is a discussion on Re: viewing source code within the Pgsql Performance forums, part of the PostgreSQL category.
> -----Original Message-----
> From: Joshua D. Drake [mailto:jd@commandprompt.com]
> Sent: Thursday, December 20, 2007 1:54 PM
> To: Roberts, Jon
> Cc: 'Trevor Talbot'; Kris Jurka; Merlin Moncure; Jonah H. Harris; Bill
> Moran; pgsql-performance@postgresql.org
> Subject: Re: [PERFORM] viewing source code
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thu, 20 Dec 2007 13:45:08 -0600
> "Roberts, Jon" <Jon.Roberts@asurion.com> wrote:
>
> > I think it is foolish to not make PostgreSQL as feature rich when it
> > comes to security as the competition because you are idealistic when
> > it comes to the concept of source code. PostgreSQL is better in many
> > ways to MS SQL Server and equal to many features of Oracle but when
> > it comes to security, it is closer to MS Access.
>
> If this were true, we would be in a lot more trouble than what you are
> presenting here. Let's think about what PostgreSQL supports....
>
> GSSAPI
> Kerberos
> SSL
> PAM
> Role based security
> Security definer functions
> Data based views (ability to assign restrictions to particular
> roles via views)
> External security providers
>
> ...
>
> Sounds like you have some reading to do before you make broad
> assumptions about PostgreSQL security. Everything you want to do is
> possible with Postgresql today. You may have to write an executor function
> to hide your code but you can do it. You may not be able to do it with
> plpgsql but you certainly could with any of the other procedural
> languages.
>
>

I'm tired of arguing. You win. I still say this is a needed feature if you want adoption for enterprise level databases in larger companies. The security out of the box is not enough and it is too much to ask everyone implementing PostgreSQL to do it themselves. It will remain a small niche database for small groups of people that have access to everything if they can connect to the database at all.

Jon
On Thu, 20 Dec 2007, Roberts, Jon wrote:

> I still say this is a needed feature if you want adoption for enterprise
> level databases in larger companies.

It is to some people, and Joshua's opinion is, like everybody else's, just one person's view on what's important.

> The security out of the box is not enough and it is too much to ask
> everyone implementing PostgreSQL to do it themselves.

This is a fair statement coming from the perspective of someone who expects source code protection. What's not a fair statement is to compare the security to Access just because you don't understand all the options or think they're too complicated. An inflammatory comment like that is just going to make the very developers who could be helping you here mad.

The larger distinction that you might not be aware of here is that PostgreSQL tries to keep things that can be implemented separately out of the database engine itself. As far as the core database group is concerned, if there is a good interface available to provide these features, it would be better to have an external project worry about things like how to make that interface more palatable to people. Look at pgadmin--that's the reason it's a separate project.

The right question to ask here may not be "why isn't PostgreSQL adding these features?", but instead "is there a project that makes this low-level capability that already exists easier to use?". Unfortunately for you, making that distinction right now means you're stuck with a little bit of study to see whether any of the existing mechanisms might meet the need you've already got, which is why people have been suggesting things you might look into.

--
* Greg Smith gsmith@gregsmith.com http://www.gregsmith.com Baltimore, MD