On Tue, Aug 16, 2011 at 1:47 PM, Chris Travers <chris.travers@gmail.com> wrote:
> On Tue, Aug 16, 2011 at 11:08 AM, Merlin Moncure <mmoncure@gmail.com> wrote:
>
>> why not? if you are serving http, just put thin connection pooler in
>> your http server (node.js would be great for that). if you are
>> serving libpq directly, you can pool with pgbouncer.
>>
> Who enforces security and how?
*) http wrapper (example node.js): check security in the wrapper.
presumably your application server would be keeping sessions state
independently of database session and would do verification on every
call.
*) stock pgbouncer: there is essentially no strong way of checking
security. what we ended up doing was modifying pgbouncer to keep track
of the client auth and building a query whitelist. very simple and
effective. we also added in support for listen/notify. imagine
interacting directly with remote agents inside the psql console and
being able to join client provided data to other tables in the
database :-). ad hoc sql obviously can't be allowed from an untrusted
source.
merlin
