Thread

  1. Client/Server Security question

    Lonnie Cumberland <lonnie_cumberland@yahoo.com> — 2001-04-20T15:04:26Z

    Hello All,
    
    We are developing an application that will allow our websites to talk to our
    database.
    
    In the interest of security, I am wondering if it is possible to turn off some
    of the functions in the SQL command list such that a user can only communicate
    to the database through our functions.
    
    What I mean is this. We have built a number of "C" extensions and PL/pgSQL
    proceedures that will work on our database, but I only want to allow an outside
    query to only one or two of our selected entry points.
    
    The webserver interface query statement might, for example, be able to only
    call "select register_user(.......)" or "select login_user(....)" and NONE of
    the other PostgreSQL command functions.
    
    I only want to allow access to these functions from the outside world, but the
    server needs to be able to execute all of the original functions without
    restrictions.
    
    Any information on this would be greatly appreciated,
    Lonnie
    
    __________________________________________________
    Do You Yahoo!?
    Yahoo! Auctions - buy the things you want at great prices
    http://auctions.yahoo.com/
    
    
  2. Re: Client/Server Security question

    Mark Stosberg <mark@summersault.com> — 2001-04-20T18:40:41Z

    Lonnie Cumberland wrote:
    > 
    > Hello All,
    > 
    > We are developing an application that will allow our websites to talk to our
    > database.
    > 
    > In the interest of security, I am wondering if it is possible to turn off some
    > of the functions in the SQL command list such that a user can only communicate
    > to the database through our functions.
    > 
    > What I mean is this. We have built a number of "C" extensions and PL/pgSQL
    > proceedures that will work on our database, but I only want to allow an outside
    > query to only one or two of our selected entry points.
    > 
    > The webserver interface query statement might, for example, be able to only
    > call "select register_user(.......)" or "select login_user(....)" and NONE of
    > the other PostgreSQL command functions.
    > 
    > I only want to allow access to these functions from the outside world, but the
    > server needs to be able to execute all of the original functions without
    > restrictions.
    
    Lonnie,
    
      Have you checked the Postgres docs on security and access? It offers a
    lot of flexibility. For example, you can use a different postgres
    username to access the database from the outside world, in conjunction
    with using "grant" statements and views to give that user only the
    ability to perform specific actions on specific tables and views. If
    after reading the docs you still have specific questions about details
    that are not clear them, send a follow-up post with a more specific
    question and we can give you a more useful answer. :) 
    
      -mark
    
    
  3. Re: Client/Server Security question

    Hauke Lampe <lampe@tucco.de> — 2001-04-22T03:36:26Z

    Lonnie Cumberland [lonnie_cumberland@yahoo.com] wrote:
    
    > In the interest of security, I am wondering if it is possible to turn off some
    > of the functions in the SQL command list such that a user can only communicate
    > to the database through our functions.
    
    I suggest using a specialised SQL Proxy on the entry gateway that allows
    only a certain set of SQL functions from one host and relays the to the
    DB inside. This ensures that possibly dangerous commands like 'DROP' or
    'CREATE USER' will never reach the DB regardless of the permissions of
    the username used by the proxy.
    
    I don't know of any existing (postgre-)sql proxy solutions yet, though.
    
    > but I only want to allow an outside
    > query to only one or two of our selected entry points.
    
    Set appropiate packet filtering rules on both the webserver and the
    entry point(s).
    
    HTH,
      Hauke
    
    -- 
    Hauke Lampe - TUCCO - The Universal Communication Company
    http://www.tucco.de - fon: +49-40-65777-510, fax: +40-40-65777-250
    
    
  4. Re: Client/Server Security question

    Matthew Hixson <hixson@poindextrose.org> — 2001-04-22T21:07:08Z

    Hi Lonnie,
      This is one of the reasons we are moving to an EJB server at work (we're
    using Oracle there, but they wanted to accomplish the same thing you want
    to do with Postgres).  By exposing specialized interfaces to the db we
    effectively limit the types of queries that can be run.  That might be
    more overhead than you want to deal with in your application, but for us
    it makes sense because we have so many different types of applications
    hitting the db (servlets and JSP pages, Swing applications, perl scripts,
    C programs, etc...)
      -M@
    
    --
    There are more things in heaven and earth,
    Horatio, than are dreamt of in your philosophy.
    
    On Fri, 20 Apr 2001, Lonnie Cumberland wrote:
    
    > Hello All,
    > 
    > We are developing an application that will allow our websites to talk to our
    > database.
    > 
    > In the interest of security, I am wondering if it is possible to turn off some
    > of the functions in the SQL command list such that a user can only communicate
    > to the database through our functions.
    > 
    > What I mean is this. We have built a number of "C" extensions and PL/pgSQL
    > proceedures that will work on our database, but I only want to allow an outside
    > query to only one or two of our selected entry points.
    > 
    > The webserver interface query statement might, for example, be able to only
    > call "select register_user(.......)" or "select login_user(....)" and NONE of
    > the other PostgreSQL command functions.
    > 
    > I only want to allow access to these functions from the outside world, but the
    > server needs to be able to execute all of the original functions without
    > restrictions.
    > 
    > Any information on this would be greatly appreciated,
    > Lonnie
    > 
    > __________________________________________________
    > Do You Yahoo!?
    > Yahoo! Auctions - buy the things you want at great prices
    > http://auctions.yahoo.com/
    > 
    > ---------------------------(end of broadcast)---------------------------
    > TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org
    >