On Sat, 10 Feb 2007 14:32:42 -0800 Adam Chlipala <[EMAIL PROTECTED]> wrote:
> We also need to figure out access control policies. For MySQL, this > takes the form of choosing the latter part of [EMAIL PROTECTED] > usernames. The current code is using [EMAIL PROTECTED], but we will of > course want to allow users logged into mire to access their databases on > deleuze. What do y'all think about 69.90.123.% as the hostname part, > which allows connections from servers in our little subnety thing > (though it will also allow others at the same colo, since we don't own > the whole fourth part of the IP address range). I think it would be good to expand the level of support we have for this. Obviously, one (and currently used approach on fyodor) is just having one user, USERNAME@<host>, having all privileges on the database. But it should be possible for users to create more usernames (such as USERNAME[_suffix]) to have finer-grained control over the connections their various programs are performing to the database). I do not currently have an idea how to implement this, and anyway I think it is more of a domtool2-logic issue than anything else? -doc _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
