On 12 January 2014 15:30, François Beausoleil <francois@xxxxxxxxxxx> wrote:
Hi all,
I'm thinking that all apps that connect to the database should have their own user. For example, the web application process is one user, then a report builder process should have another user, and a different process that imports data should have his own too, and so on. Would you generally agree with that?
I'm thinking that by having different users, PGbouncer can create different pools, and better allow me to control concurrency.
Thanks!
François
Hi
I think the main idea should be that each user has different credentials, so for example a user for building reports shouldn't be allowed to change the database. Otherwise you'd end with a bunch of users, and from the security perpective, there wouldn't be much difference between this and having just one user.
regards,
Szymon
