On Thursday 15 September 2011 10:09:09 Jonathan Lange wrote: > On Thu, Sep 15, 2011 at 5:01 AM, Robert Collins > <robe...@robertcollins.net> wrote: > ... > > > Bug 760079 talks about a app server specific checker, but thinking > > about this more perhaps we should bake into all our services and > > scripts a 'dependency checker'. > > > > E.g. > > oops-prune --check-environment > > would: > > - check it has the needed DB access > > - and $any $other $needed firewall holes > > in a non-destructive way. > > ... > > > What do you think? > > Seems a fairly sensible idea. I'd be worried a little bit about skew > between what an app thinks it needs to run and what it actually needs. > Perhaps it's best phrased as a dry-run start up, rather than a deps > check?
Agree, both with the idea and these concerns. One of the biggest skews we have that *consistently* hurts us is setting up DB users with the right permissions on tables. This is largely because the security.cfg is not action-based, but user-based. That is - we should be composing DB users' permissions out of a set of actions/roles (I think there's one example if this in the file but it's an exception), not setting up each user discretely. However, I want to re-examine the requirement to set up explicit permissions on each user at all. Why do we need this? What is it helping to protect? Is any of this worth the hassle and rollout problems? This permissioning is also sometimes extremely hard to catch in testing. Quite often a particular set of permissions are only required in a tiny corner case that is not always relevant to the test intentions. We already know that having separate users is useful to identify rogue connections etc, but I fail to understand why they need permissions. This is particularly interesting given that we only do this with scripts - the webapp has carte blanche. I would like do away with the discrete permissions and make all the users inherit from "main". This would also bring the benefits of quicker tests since they don't need to commit and switch db users. I'd love to hear opinions on this. _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : launchpad-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
