[UPHPU] database security questions

[Kyle Waters]

I'm in charge of implementing *the* company database.  This 
database(pgsql) stores information that the whole company is meant to 
see and will eventually store private information like social security 
numbers, and pay rates.

problem 1
    The server that the database and scripts are stored on is being used 
for other purposes and many employees at the company will have shell 
access to the server.  So I need to protect my script with the database 
username and password in it from other users.  I know the easy way to do 
this is to set the permissions on my files to 660 and set the group to 
all the files as apache.  And then add all my developers to the apache 
group.
    However that solution bugs me.  So I thought I would ask what other 
people did.  I'm thinking that rather than use the apache group I will 
user an other group for my developers and then just give apache read 
access with acls, but I have never used acls before so I'm not sure if 
that is a good solution.

problem 2
    I have data in the database that everyone needs access to and other 
data that needs to be restricted.  So I have names, phone numbers and 
social security numbers.  I may want to give certain pgsql accounts and 
scripts access to a persons name and phone number but not that persons 
social security number. Should I create a separate table with a one to 
one relation to store the private information?  Then I can set 
privileges on each table, or is there a better way to do this?

I hope some of that makes sense.

Kyle

-- 
no amount of fear can stop the rise of free media, or free software (they are the same, after all)

Jonathan Swartz
CEO Sun Microsystems