| From: | Damian Wolgast <damian(dot)wolgast(at)si-co(dot)net> |
|---|---|
| To: | Simon Riggs <simon(at)2ndquadrant(dot)com> |
| Cc: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Column Redaction |
| Date: | 2014-10-10 10:08:02 |
| Message-ID: | A0FFDE5A-2886-49EA-BF2F-E422CC009082@si-co.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> The problem there is that the SQL for (2) changes frequently, so we
> want to give people SQL access.
So you want to give people access to your SQL database and worry that they could see specific information (credit card numbers) in plain and therefore you want to format it, so that people cannot see the real data. Is that correct?
I'd either do that by only letting them access a view or be reconsidering if it is really a good idea to give them SQL access to the server as they could do other things which e.g. could slow down the server enormously.
Never trust the user. So I see what you want to achieve but I am not sure if the reason to do that is good. Can you explain please?
Maybe you should provide them an interface (e.g. web app) that restricts access to certain functions and cares about formatting.
Regards
Damian Wolgast (irc:asymetrixs)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2014-10-10 10:15:01 | Re: Scaling shared buffer eviction |
| Previous Message | Simon Riggs | 2014-10-10 09:45:06 | Re: Column Redaction |