From: Jeff Shipman - SysProg <[EMAIL PROTECTED]> > > Because we have 1500+ users which are added > every semester and EVERYONE needs to be able > to read it. There are three different levels > of access which are determined upon startup > by which group you are in (nothing special, > worker, or manager). The access is software > enforced and what we want is to make it so > normal users cannot read the password file. > If they could, they'd be able to just login > to the DB and issue commands, viewing information > about other users which they should not > be able to view. > > Jeff Shipman E-Mail: [EMAIL PROTECTED] > Systems Programmer Phone: (505) 835-5748 > NMIMT Computer Center http://www.nmt.edu/~jeff
Can't you make the database itself able to enforce user access to certain databases? I think Postgresql can do this. > On 21 Feb 2002, Sven Neumann wrote: > > } Hi, > } > } Jeff Shipman - SysProg <[EMAIL PROTECTED]> writes: > } > } > I have a situation where I am using GTK as > } > a frontend for a databse we have. Everything > } > is fine except for the fact that I want to > } > keep the database password secure. I do > } > not want to store it in the program for > } > obvious reasons so I thought I would save > } > it in an external file and have the program > } > read it on startup. The only decent way that > } > I know of to do this have a special user > } > which can read the file and have the program > } > setuid to run as that user. However, gtk > } > doesn't like being run setuid. > } > } If you make your GTK+ app run setuid you can as well make the passwd > } file readable by everyone. How about making the file readable by > } members of a special group and add authorized users to that group ? > } > } > } Salut, Sven > } _______________________________________________ gtk-list mailing list [EMAIL PROTECTED] http://mail.gnome.org/mailman/listinfo/gtk-list