https://www.percona.com/blog/best-practices-for-database-security/ Mon, 25 Mar 2024 18:48:58 +0000 hourly 1 https://wordpress.org/?v=6.5.2 https://www.percona.com/blog/best-practices-for-database-security/#comment-10974278 Mon, 25 Mar 2024 18:48:58 +0000 https://www.percona.com/blog/?p=95377#comment-10974278 One of the best ways to enhance security in PostgreSQL is to remove table SELECT access from the clients and force them instead to access using SECURITY DEFINER stored procedures. For instance if your webapp uses a client login table, have a procedure to authenticate. That way, even if your webapp is compromised, it would be unable to enumerate the users or extract the password hashes for cracking.

]]>