On Fri, 2008-01-18 at 11:35 +0100, [EMAIL PROTECTED] wrote: > With TinyERP, the access at database for the creating the deleting, > the backup and the restoration is possible only by putting the method > of authentification on trust in the file of configuration of > PosgreSQL. Nobody else method does not work : password, md5, etc. > > Is not a possible problem for security ?
This situation is not necessarily the case all the time. On GNU/Linux, you can create a special user -- ie: terp -- dedicated to run TinyERP. The TinyERP process will be running as this user, and the files and directories of TinyERP (or at least the configuration file) will only be readable by this user. You can then configure PostgreSQL to authenticate this user using the "ident sameuser" method, and make sure all databases for TinyERP are owned by this user. Cheers! -- Federico Sevilla III F S 3 Consulting Inc. http://www.fs3.ph
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Tinyerp-users mailing list http://tiny.be/mailman/listinfo/tinyerp-users
