On 12 January 2014 15:30, François Beausoleil <franc...@teksol.info> wrote:
> Hi all, > > I'm thinking that all apps that connect to the database should have their > own user. For example, the web application process is one user, then a > report builder process should have another user, and a different process > that imports data should have his own too, and so on. Would you generally > agree with that? > > I'm thinking that by having different users, PGbouncer can create > different pools, and better allow me to control concurrency. > > Thanks! > François > > Hi I think the main idea should be that each user has different credentials, so for example a user for building reports shouldn't be allowed to change the database. Otherwise you'd end with a bunch of users, and from the security perpective, there wouldn't be much difference between this and having just one user. regards, Szymon
