|
From: | James Busser |
Subject: | [Gnumed-devel] Re: GNUmed (debian) servers and security |
Date: | Sun, 27 Jan 2008 15:14:44 -0800 |
On 27-Jan-08, at 10:32 AM, James Busser wrote:
4. Access to the database. Should Postgres and the machine it is sitting on be somehow better-protected behind some other machine, or it is somehow acceptable for this machine to be connected to the router/internet. Is there anything about this set-up that needs to be carefully considered? It seems to me that the fact that Apache/ Tomcat serve Oscar's MySQL data was used as a strength maybe because Apache's security has been well-tested whereas in our case if Postgres is directly serving the data are we in a less-well tested environment?
Also I am thinking that the connection between the client and the server should be encrypted. If this is not already done, is there some feasible way for it to be achieved? It makes no sense to talk of a "secure" record if the database is being accessed over the internet on an unencrypted connection.
[Prev in Thread] | Current Thread | [Next in Thread] |