- [EMAIL PROTECTED]% (Jim Mercer):
It will be yet another safe_mode like feature. i.e.
it isn't secure as it sounds. Users with a little knowledge
can access backend with socket function. Therefore, I agree
with Ilia's opinion.
snip
the concept here is security, and i recognize that part of
this patch adds the config variable pgsql.allowed_dblist
by default it has no value, meaning all databases are accessible
it can contain a colon delimited list of databases that are accessible.
if the database accessed is not in the list, and the list is not null,
then an error is returned as
On Thu, Sep 26, 2002 at 02:15:52PM -0400, Jim Mercer wrote:
this patch adds the config variable pgsql.allowed_dblist
[snip]
although it can be accomplished by other means, setting the variable to a
value of : effectively locks the code out of pgsql.
Isn't it generally better (where
From: Jon Parise
Isn't it generally better (where better means more secure,
efficient, and easily maintained) to handle database access
control using PostgreSQL's native access mappings?
I would think so, and IMHO, that's where pgsql access control
belongs, with pgsql.
Regards
Mike
On Thursday, September 26, 2002, at 06:36 PM, Jon Parise wrote:
Isn't it generally better (where better means more secure,
efficient, and easily maintained) to handle database access control
using PostgreSQL's native access mappings?
Yep. Thus why it was created :)
On Thu, Sep 26, 2002 at 08:01:29PM -0400, Dan Kalowsky wrote:
On Thursday, September 26, 2002, at 06:36 PM, Jon Parise wrote:
Isn't it generally better (where better means more secure,
efficient, and easily maintained) to handle database access control
using PostgreSQL's native access
On September 26, 2002 08:48 pm, Jim Mercer wrote:
On Thu, Sep 26, 2002 at 09:00:17PM -0400, Ilia A. wrote:
It is not a job of the programming language to implement system, database
security. This is simply not done. If you want to secure your PostgreSQL
more so that you can with the
On Thu, Sep 26, 2002 at 09:31:44PM -0400, Ilia A. wrote:
PHP is full of tweaks and hacks specifically to augment and make easier the
job of the people using it.
The only simular hack I can imagine you are referring to is safe_mode, which
is a very ugly thing that was only implemented
Ilia A. wrote:
list think of this patch. I merely try to explain why I believe this
particular patch is not appropriate for standard PHP distribution.
It will be yet another safe_mode like feature. i.e.
it isn't secure as it sounds. Users with a little knowledge
can access backend with socket
On Thu, Sep 26, 2002 at 09:00:17PM -0400, Ilia A. wrote:
It is not a job of the programming language to implement system, database
security. This is simply not done. If you want to secure your PostgreSQL more
so that you can with the current tools, the people you should be talking to
are
On Fri, Sep 27, 2002 at 10:50:08AM +0900, Yasuo Ohgaki wrote:
Ilia A. wrote:
list think of this patch. I merely try to explain why I believe this
particular patch is not appropriate for standard PHP distribution.
It will be yet another safe_mode like feature. i.e.
it isn't secure as it
11 matches
Mail list logo