Security

PostgreSQL supports several authentication methods, including password, LDAB, GSSAPI, SSPI, Kerberos, ident-based, RADUIS, certificate, and PAM authentication. All database vulnerabilities are listed in the PostgreSQL security information web page (http://www.postgresql.org/support/security/) with information about the affected version, the vulnerability class, and the affected component.

The PostgreSQL security updates are made available as minor updates. Also, known security issues are always fixed with the next major releases. Publishing security updates in minor updates makes it easy for a PostgreSQL administrator to keep PostgreSQL secure and up to date with minimal downtime.

PostgreSQL can control the database object access at several levels, including database, table, view, function, sequence, column, and row. This enables PostgreSQL to have great authorization control.

PostgreSQL can use encryption to protect data by hardware encryption. Also, you can encrypt certain information by utilizing the pgcrypto extension.