Re: Connecting remotely - multi tier
| От | Greg Speegle |
|---|---|
| Тема | Re: Connecting remotely - multi tier |
| Дата | |
| Msg-id | 3A01CF71.B5613B21@10happythings.com обсуждение исходный текст |
| Ответ на | Re: Connecting remotely - multi tier (keke abe <keke@mac.com>) |
| Список | pgsql-interfaces |
Good point. I should know better than to say anything has to be done a particular way, as there will always be different environments with different requirements. However, I would always be reluctant to expose the database to the world if it contained anything important. Greg Speegle Adam Lang wrote: > But if you are an inhouse developer and the database is only in huse and the > client is only in house and the database is not open to the public, do you > still have to use development time to build that "middle tier" just so you > can roll out an app that uses the company database? > > Adam Lang > Systems Engineer > Rutgers Casualty Insurance Company > ----- Original Message ----- > From: "Greg Speegle" <Greg@10happythings.com> > To: <pgsql-interfaces@postgresql.org> > Sent: Thursday, November 02, 2000 2:42 PM > Subject: Re: [INTERFACES] Connecting remotely - multi tier > > > > > > > keke abe wrote: > > > > > Adam Lang wrote: > > > > > > > Ok... so if I am writing a distributed application in windows that > will use > > > > a Postgresql backend, I should have the client interface another > "server" > > > > application, which will inturn access/retrieve informaton from the > database? > > > > > > I'd like to know if this kind of layering is mandatory or not. Is it > really > > > unacceptable to expose the Posgresql backend to the rest of the world? > Is > > > there anything that I should be aware of if I let the clients to talk to > > > the backend directly. > > > > > > regards, > > > abe > > > > I'd say it is mandatory. You are opening yourself up as an easy target for > > hackers if they can go directly to your database. Think about it. If any > > hole in the database security is discovered, then your goose is cooked > > right away. Getting the database off the web and behind a firewall should > > be the least you do. That gives you two levels of protection -- the > firewall > > and the database. > > > > Plus, on the postgresql side, it is much easier to have one restricted > user > > account from one specific machine than to try to manage thousands of > > dynamically created accounts. > > > > Just my opinion, of course. > > > > Greg Speegle > >
В списке pgsql-interfaces по дате отправления: