Re: Restricting database permissions

2009-09-07 Thread Jason Beaudoin
On Mon, Sep 7, 2009 at 10:09 AM, Thomas Guettler  wrote:

>
> I can speak only for postgres.
>
> We create the database with a special admin-account and
> the owner of the db is the admin-account. Then we grant
> insert, update, delete permissions to the django-db-user.
>
> We have a modified manage.py which lets syncdb run with
> the admin-account (interactive password prompt).
>
>
Sounds fantastic! Might you be interested in posting your work?

~ Jason

--
let's end our suffering, and let go of the debts we hold over the heads of
others.
let's rejoin our brethren in the garden of eden, once again living in
paradise.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---



Re: Restricting database permissions

2009-09-07 Thread sean

Hi Thomas,

Thank you for your suggestion.  The modified manage.py sounds like a
very good place for me to start.

Best regards,
Sean

On Mon, 2009-09-07 at 16:09 +0200, Thomas Guettler wrote:
> I can speak only for postgres.
> 
> We create the database with a special admin-account and
> the owner if the db is the admin-account. Then we grant
> insert, update, delete permissions to the django-db-user.
> 
> We have a modified manage.py which let syncdb run with
> the admin-account (interactive password prompt).
> 
> It is possible, it is more secure, but makes some trouble.
> 
> sean schrieb:
> > Hi All,
> > 
> > I am currently working on a front end to pam-mysql and nss-mysql to
> > allow the creation of linux user accounts through the web.  
> > 
> > I need to separate out permissions so that Django can read some columns
> > and not others, for instance it should have no access to the password
> > column.  
> > 
> > I need another mysql user with its mysql password stored in a file
> > owned by root with permissions 700 to do the actual data modification -
> > so this part will need to be separate from the Django app, but called
> > from it via a passwordless sudo entry or something.
> > 
> > As Django can only connect to mysql with one user, what is the best way
> > to restrict its permissions to the ones I want it to be able to read?
> > Can this be done at a configuration file level so that upon running
> > syncdb, the permissions are in place?
> > 
> > Any pointers greatly appreciated.
> 





Re: Restricting database permissions

2009-09-07 Thread Thomas Guettler

I can speak only for postgres.

We create the database with a special admin-account and
the owner of the db is the admin-account. Then we grant
insert, update, delete permissions to the django-db-user.

We have a modified manage.py which lets syncdb run with
the admin-account (interactive password prompt).

It is possible, it is more secure, but makes some trouble.

sean schrieb:
> Hi All,
> 
> I am currently working on a front end to pam-mysql and nss-mysql to
> allow the creation of linux user accounts through the web.  
> 
> I need to separate out permissions so that Django can read some columns
> and not others, for instance it should have no access to the password
> column.  
> 
> I need another mysql user with its mysql password stored in a file
> owned by root with permissions 700 to do the actual data modification -
> so this part will need to be separate from the Django app, but called
> from it via a passwordless sudo entry or something.
> 
> As Django can only connect to mysql with one user, what is the best way
> to restrict its permissions to the ones I want it to be able to read?
> Can this be done at a configuration file level so that upon running
> syncdb, the permissions are in place?
> 
> Any pointers greatly appreciated.

-- 
Thomas Guettler, http://www.thomas-guettler.de/
E-Mail: guettli (*) thomas-guettler + de




Restricting database permissions

2009-09-07 Thread sean

Hi All,

I am currently working on a front end to pam-mysql and nss-mysql to
allow the creation of linux user accounts through the web.  

I need to separate out permissions so that Django can read some columns
and not others, for instance it should have no access to the password
column.  

I need another mysql user with its mysql password stored in a file
owned by root with permissions 700 to do the actual data modification -
so this part will need to be separate from the Django app, but called
from it via a passwordless sudo entry or something.

As Django can only connect to mysql with one user, what is the best way
to restrict its permissions to the ones I want it to be able to read?
Can this be done at a configuration file level so that upon running
syncdb, the permissions are in place?

Any pointers greatly appreciated.

Regards,
Sean







Re: database permissions

2007-08-08 Thread Kenneth Gonsalves


On 08-Aug-07, at 10:13 PM, James Bennett wrote:

>> constructing the SQL.  With Django, it is building the SQL for me.
>
> Your best bet is to thoroughly read the documentation on the ORM; once
> your tables are created (it can create them for you, but you don't
> have to let it do that -- instead you can have it print the SQL out to
> a file for you to execute yourself), the ORM only ever does SELECT,
> INSERT and UPDATE, and it's fairly obvious which ORM methods perform
> which queries.

in fact, even at the data level, you could, outside django, do
inserts, updates and deletes and allow the django user to use only
selects that view the data. In which case the django user would have
only read-only access to the database.

So your choices are:

1. django user gets create, drop rights on tables and indexes.
select, insert, update and delete. Alter table rights don't arise
until some form of schema evolution makes its way into trunk as
django currently cannot manipulate individual columns in tables

2. do the db structure manually outside django and give django rights
only over the data - select, insert, update, delete

3. do even data manipulation outside and allow the django user read-only rights.

There are rigid frameworks around which mandate that *all* actions
*must* be done through the framework, otherwise everything gets
borked. Django is much more flexible here. So, for example, django
doesn't do check constraints - but that doesn't mean that a django app
cannot have check constraints. All it means is that you have to set
these up in the database manually and maybe write some stuff in the
views to catch the db errors. (check constraints are a GSoC project,
so maybe django will have them soon)

-- 

regards
kg
http://lawgon.livejournal.com
http://nrcfosshelpline.in/web/






Re: database permissions

2007-08-08 Thread [EMAIL PROTECTED]

On Aug 8, 9:49 am, Stephen Bunn <[EMAIL PROTECTED]> wrote:
> I know it obviously needs to be able to execute SELECT, UPDATE, and
> INSERT statements, but what about ALTER? SHOW? does it need to create
> views? create indexes? what about locking tables and creating temporary
> tables?

The true minimum permissions for your DB are not dependent entirely on
Django -- what you plan to do with the particular application you
build using Django is just as important.

Obviously, when you run syncdb to create tables from ORM, you are
going to need to give the django user CREATE permission.  Don't know
if there are cases where it would use ALTER.  Once the tables are
created, you can revoke the user's CREATE, ALTER, and DROP perms.

All tables are going to need SELECT; so far as I know, none of them
are going to need SHOW.  Most tables will need INSERT, but not
necessarily all -- suppose you have a table that is populated by a
different app, and all Django does is consume the data.  You may or
may not need DELETE for any given table, again depending on how you
plan to use it.

As with any serious security issue, there is no quick easy right
answer.  The safe bet is always assume your setup is insecure, unless
you have solid reason to believe otherwise.






Re: database permissions

2007-08-08 Thread James Bennett

On 8/8/07, Stephen Bunn <[EMAIL PROTECTED]> wrote:
> Understandable.  But for somebody new to an ORM type model (like me)
> things might not be so clear.  If I am writing a PHP or Perl
> application, I know exactly what permission it needs because I am
> constructing the SQL.  With Django, it is building the SQL for me.

Your best bet is to thoroughly read the documentation on the ORM; once
your tables are created (it can create them for you, but you don't
have to let it do that -- instead you can have it print the SQL out to
a file for you to execute yourself), the ORM only ever does SELECT,
INSERT and UPDATE, and it's fairly obvious which ORM methods perform
which queries.

-- 
"Bureaucrat Conrad, you are technically correct -- the best kind of correct."




Re: database permissions

2007-08-08 Thread Andrey Khavryuchenko

Steve,

 SB> Perhaps I am wrong, or just going about this the wrong way, but I have
 SB> been looking at the Django documentation and asking around in #django and
 SB> nobody can (or does not want to) give me a straight answer on the minimum
 SB> database permissions Django needs to operate.  So I am assuming that
 SB> everybody is just giving Django free rein over the database, which I
 SB> think is a bad idea.

 SB> Is there any documentation anywhere that describes setting up correct
 SB> database permissions for use with Django?

It should strongly depend on the queries you're doing with django.  You may
inspect them with 
manage.py sql
manage.py sqlall
and similar commands together with simply looking into your db queries log
or django.db.connection.queries in DEBUG mode.

-- 
Andrey V Khavryuchenko
Django NewGate -  http://www.kds.com.ua/djiggit/
Development - http://www.kds.com.ua 
Call akhavr1975 on www.gizmoproject.com
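Andrey's suggestion just above (look at the queries Django actually issues) can be turned directly into the grant scheme Thomas describes elsewhere in this thread (data privileges only for the application role, schema changes left to the owning admin account) and into the column restriction Sean asks about. The following is an added example, not code from anyone in the thread; it assumes a hypothetical PostgreSQL role named django_app, hypothetical table and column names, and constructed sample entries in the shape django.db.connection.queries returns in DEBUG mode.

```python
# Added example, not code from the thread; role django_app and the table names are hypothetical.
import re
from collections import defaultdict

# Constructed sample in the shape django.db.connection.queries returns in
# DEBUG mode (a list of {'sql': ..., 'time': ...} dicts); not a real capture.
SAMPLE_QUERIES = [
    {"sql": 'SELECT "accounts_user"."id", "accounts_user"."username" '
            'FROM "accounts_user" WHERE "accounts_user"."id" = 1', "time": "0.001"},
    {"sql": 'INSERT INTO "accounts_user" ("username", "email") '
            "VALUES ('alice', 'a@example.org')", "time": "0.002"},
    {"sql": 'UPDATE "accounts_user" SET "email" = \'b@example.org\' '
            'WHERE "accounts_user"."id" = 1', "time": "0.001"},
    {"sql": 'SELECT "django_session"."session_data" FROM "django_session"', "time": "0.001"},
    {"sql": 'DELETE FROM "django_session" WHERE "django_session"."expire_date" < now()',
     "time": "0.001"},
]

# Statement type -> regex capturing the target table (quoted or bare name).
_TABLE_RE = {
    "SELECT": re.compile(r'^\s*SELECT\b.*?\bFROM\s+"?(\w+)"?', re.I | re.S),
    "INSERT": re.compile(r'^\s*INSERT\s+INTO\s+"?(\w+)"?', re.I),
    "UPDATE": re.compile(r'^\s*UPDATE\s+"?(\w+)"?', re.I),
    "DELETE": re.compile(r'^\s*DELETE\s+FROM\s+"?(\w+)"?', re.I),
}
_COLUMN_RE = re.compile(r'"(\w+)"\."(\w+)"')  # "table"."column" references

def privileges_from_log(queries):
    """Return {table: {"privs": statement types seen, "select_cols": columns read}}."""
    needed = defaultdict(lambda: {"privs": set(), "select_cols": set()})
    for entry in queries:
        sql = entry["sql"]
        for priv, pattern in _TABLE_RE.items():
            match = pattern.match(sql)
            if match:
                table = match.group(1)
                needed[table]["privs"].add(priv)
                if priv == "SELECT":  # only the select list (before FROM) names read columns
                    head = re.split(r"\bFROM\b", sql, maxsplit=1, flags=re.I)[0]
                    needed[table]["select_cols"].update(
                        col for tbl, col in _COLUMN_RE.findall(head) if tbl == table)
                break
    return dict(needed)

def grant_statements(needed, role, column_restricted=()):
    """Render PostgreSQL GRANTs for the data privileges seen in the log. Tables in
    column_restricted get SELECT only on the columns Django read (column-level
    GRANT, PostgreSQL 8.4+); CREATE/ALTER/DROP stay with the owning admin account."""
    statements = []
    for table in sorted(needed):
        privs, select_cols = needed[table]["privs"], needed[table]["select_cols"]
        write_privs = sorted(privs - {"SELECT"})
        if write_privs:
            statements.append(f"GRANT {', '.join(write_privs)} ON {table} TO {role};")
        if "SELECT" in privs:
            cols = sorted(select_cols) if table in column_restricted else []
            target = f"SELECT ({', '.join(cols)})" if cols else "SELECT"
            statements.append(f"GRANT {target} ON {table} TO {role};")
    return statements
```

PostgreSQL also requires SELECT on any column an UPDATE or DELETE reads in its WHERE clause, so check the generated column list against the write statements before applying it.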




Re: database permissions

2007-08-08 Thread Stephen Bunn

Kenneth Gonsalves wrote:
> 
> 
> you have to divide the tasks into those that you want to do through  
> django and those that you want to do outside django - django needs  
> permissions to do the first set. I don't think one can be clearer than
> that.
> 

Understandable.  But for somebody new to an ORM type model (like me)
things might not be so clear.  If I am writing a PHP or Perl
application, I know exactly what permission it needs because I am
constructing the SQL.  With Django, it is building the SQL for me.

Of course I could sit down and look at the source code and figure it
out, but for somebody that is simply going through the tutorial to
figure out if Django is for me, it would be nice to know what the
minimal set of permissions are to get through the tutorial with it
working.  For my purposes I am just going to willy-nilly give Django all
permissions so I can test it out, but I still think it should be
documented somewhere.




Re: database permissions

2007-08-08 Thread Hongqing Li
You need certain permissions to set up the superuser account, although I
don't know which; SELECT, UPDATE and INSERT alone are not enough to set up the
superuser account.

On 8/8/07, Kenneth Gonsalves <[EMAIL PROTECTED]> wrote:
>
>
>
> On 08-Aug-07, at 7:19 PM, Stephen Bunn wrote:
>
> > therein lies the problem.  What is 'everything' that Django
> > requires to
> > be done?
> >
> > I know it obviously needs to be able to execute SELECT, UPDATE, and
> > INSERT statements, but what about ALTER? SHOW? does it need to create
> > views? create indexes? what about locking tables and creating
> > temporary
> > tables?
>
> you have to divide the tasks into those that you want to do through
> django and those that you want to do outside django - django needs
> permissions to do the first set. I don't think one can be clearer than
> that.
>
> --
>
> regards
> kg
> http://lawgon.livejournal.com
> http://nrcfosshelpline.in/web/
>




Re: database permissions

2007-08-08 Thread Kenneth Gonsalves


On 08-Aug-07, at 7:19 PM, Stephen Bunn wrote:

> therein lies the problem.  What is 'everything' that Django  
> requires to
> be done?
>
> I know it obviously needs to be able to execute SELECT, UPDATE, and
> INSERT statements, but what about ALTER? SHOW? does it need to create
> views? create indexes? what about locking tables and creating  
> temporary
> tables?

you have to divide the tasks into those that you want to do through  
django and those that you want to do outside django - django needs  
permissions to do the first set. I don't think one can be clearer than
that.

-- 

regards
kg
http://lawgon.livejournal.com
http://nrcfosshelpline.in/web/






Re: database permissions

2007-08-08 Thread Stephen Bunn

Kenneth Gonsalves wrote:
> 
> On 08-Aug-07, at 6:51 PM, Stephen Bunn wrote:
> 
> use whatever permissions you are happy with. As long as the user  
> under which django accesses the database, can do everything django  
> requires to be done, it's fine. I don't think this is any different
> from any other cgi application accessing a database.
> 
Therein lies the problem.  What is 'everything' that Django requires to
be done?

I know it obviously needs to be able to execute SELECT, UPDATE, and
INSERT statements, but what about ALTER? SHOW? does it need to create
views? create indexes? what about locking tables and creating temporary
tables?






Re: database permissions

2007-08-08 Thread Kenneth Gonsalves


On 08-Aug-07, at 6:51 PM, Stephen Bunn wrote:

> Is there any documentation anywhere that describes setting up correct
> database permissions for use with Django?

use whatever permissions you are happy with. As long as the user  
under which django accesses the database, can do everything django  
requires to be done, it's fine. I don't think this is any different
from any other cgi application accessing a database.

-- 

regards
kg
http://lawgon.livejournal.com
http://nrcfosshelpline.in/web/






database permissions

2007-08-08 Thread Stephen Bunn

Perhaps I am wrong, or just going about this the wrong way, but I have
been looking at the Django documentation and asking around in #django and
nobody can (or does not want to) give me a straight answer on the minimum
database permissions Django needs to operate.  So I am assuming that
everybody is just giving Django free rein over the database, which I
think is a bad idea.

Is there any documentation anywhere that describes setting up correct
database permissions for use with Django?

Thanks.
Steve
