You store login/password in a read-only file protected from other users: this file
(one per web site?) contains the login/password used by the web server to access the
database? Is this way of working really secure (this file must be stored outside of the
HTML root space, even outside of the FTP root space, if you allow FTP connections for
administrators of the site, and so on...)?

Second point: how do you make sure that a site will not access the wrong database, i.e.
somebody responsible for site A may create a script or something to access database
A. How do you make sure he won't ever be able to access database B? Is it possible?

Nicolas Huillard

-----Original Message-----
From:   Giuseppe Tanzilli [SMTP:[EMAIL PROTECTED]]
Date:   Thursday 14 October 1999 13:05
To:     Nicolas Huillard
Cc:     '[EMAIL PROTECTED]'
Subject: Re: [ADMIN] User/group policy for pg backed web sites

Ciao,
I use these two different ways:
One database per web site.
First one:
    o Password administrators access postgres by ODBC (MS Access front-end)
    o they are authenticated in postgres with postgres users/passwords
    o they have been granted only some privileges on those tables in the database
    o the web server as user "web" can only read the tables
    o the web server stores login/password in a read-only file protected from other
users; anyway it has only read access

Second one:
    Same as above but:
    o administration is done by a web interface, password protected
    o the admins' passwords are in the same table; they are admin if the id is lower
than 100 (example)

I use php (www.php.net) for the web interfaces.
bye


Nicolas Huillard wrote:

> I've seen the tool, it seems to be very good, and I plan to use it.
> But the question I was originally asking was: how to set up Postgres users and
> groups for the databases linked to the sites, in such a way that:
> * the web server itself can access the data with limited access,
> * nobody, using "psql -h mymachine.mydomain template1", can access the databases,
> * nobody can read a simple text file somewhere on the site/machine to get a password
> to access the database with full privileges,
> * the content administrators for each database can't open the other ones' databases
> on the same machine
> * etc.
> Has somebody already thought about a good security policy when accessing databases
> from both a web server and ODBC connections?
>
> TIA, and thanks Giuseppe for the link to mod_auth_pgsql
>
> Nicolas
>
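The scheme Giuseppe describes (one database per site, a content-admin account reaching it over ODBC and a read-only "web" account), together with Nicolas's isolation question (site A's admin must never reach database B), written out as PostgreSQL grants. This is an added example, not code from either poster; the database, role and table names (site_a, site_b, admin_a, web_a, articles) and the placeholder passwords are assumed, and the statements are meant to be run as a superuser in psql.

```sql
-- Added example: per-site isolation with one database, one admin role and
-- one read-only web role per site. Names and passwords are placeholders.

CREATE DATABASE site_a;
CREATE DATABASE site_b;

-- Content administrator for site A (connects over ODBC with a password).
CREATE ROLE admin_a LOGIN PASSWORD 'replace-me';
-- Web server account for site A: may only read.
CREATE ROLE web_a LOGIN PASSWORD 'replace-me-too';

-- Every role can connect to every database through PUBLIC by default;
-- revoke that, then allow only the site's own roles into the site's database.
REVOKE CONNECT ON DATABASE site_a FROM PUBLIC;
REVOKE CONNECT ON DATABASE site_b FROM PUBLIC;
GRANT CONNECT ON DATABASE site_a TO admin_a, web_a;
-- admin_a and web_a get no CONNECT on site_b, so they cannot open it at all.

\connect site_a
-- Stop every role from creating objects in the public schema; the admin may
-- create tables there, the web role may only look them up.
REVOKE ALL ON SCHEMA public FROM PUBLIC;
GRANT USAGE, CREATE ON SCHEMA public TO admin_a;
GRANT USAGE ON SCHEMA public TO web_a;

-- Sample table owned by the site admin; the web role gets SELECT only,
-- so a bug in the web scripts cannot modify or delete content.
CREATE TABLE public.articles (id serial PRIMARY KEY, title text, body text);
ALTER TABLE public.articles OWNER TO admin_a;
GRANT SELECT ON public.articles TO web_a;

-- Tables the admin creates later are readable by the web role without a
-- further GRANT for each one.
ALTER DEFAULT PRIVILEGES FOR ROLE admin_a IN SCHEMA public
    GRANT SELECT ON TABLES TO web_a;
```

Pair this with pg_hba.conf lines that name each database together with its own roles (for example `host site_a admin_a,web_a 10.0.0.0/24 scram-sha-256`) and no blanket `all all` line, so a remote `psql -h mymachine.mydomain template1` from an arbitrary user is rejected before any SQL runs. The web server's credentials then only ever unlock a role that can read its own site's tables.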