On Mon, Feb 25, 2013 at 1:31 AM, Wolfgang Keller <felip...@gmx.net> wrote:
>> As far as doing client/server stuff with just a database engine,
>> unless you have tight control over the environment end to end, from a
>> security pov, it's not a good idea to expose the database engine
>> itself to the internet. Better to put a restricted web services API
>> in front of it that handles all the authorization needs
>> (access-control) on the detailed level that you require.
>
> Excuse me but that's bullshit.
I don't use the term but I absolutely agree with the sentiment. Of course, if you're assuming a MySQL setup, then yes, exposing the database engine directly would have risks. But I grew up with DB2, and there were MANY ways in which you could control exactly what people could do (views and stored procedures being the two easiest/most commonly used) - to the extent that one of the recommended organizational structures was to have the end-user login actually *be* the database connection credentials, and to have your fancy app just connect remotely. There's a guarantee that someone who logs in as a non-administrator cannot access administrative functionality.

PostgreSQL has all those same features, packaged up in an open source system; MySQL has a philosophical structure of "user logs in to app, but app logs in to database as superuser regardless of user login".

ChrisA
--
http://mail.python.org/mailman/listinfo/python-list
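The pattern ChrisA describes (each end user connects as their own database role, and views plus stored procedures decide what that role can see and change) can be set up entirely inside PostgreSQL. The following is an added illustration, not code from the thread; every name in it (app_owner, app_user, alice, invoices, my_invoices, mark_paid) is an assumed placeholder.

```sql
-- Added example (not from the thread): PostgreSQL-side access control where
-- the end user's login IS the database credential, and the engine enforces
-- what that user may see and do. All role, table and function names are
-- assumed placeholders.

-- 1. Base table owned by a privileged, non-login role. Ordinary users never
--    get privileges on it directly.
CREATE ROLE app_owner NOLOGIN;
CREATE TABLE invoices (
    id          serial  PRIMARY KEY,
    owner_name  text    NOT NULL,   -- must equal the connecting role's name
    amount      numeric NOT NULL,
    paid        boolean NOT NULL DEFAULT false
);
ALTER TABLE invoices OWNER TO app_owner;

-- 2. A group role for end users, and one real end-user login in that group.
--    The password is a placeholder; in practice use a real secret or an
--    external auth method from pg_hba.conf.
CREATE ROLE app_user NOLOGIN;
CREATE ROLE alice LOGIN PASSWORD 'placeholder-change-me' IN ROLE app_user;

-- 3. A view limits rows to the connecting user. current_user is evaluated at
--    query time, so alice only ever sees her own invoices. The view runs with
--    its owner's (app_owner's) privileges, which is what lets the end user
--    read rows of a table they have no direct access to. security_barrier
--    stops functions in the caller's WHERE clause from being pushed below the
--    filter and leaking rows they should not see.
CREATE VIEW my_invoices WITH (security_barrier = true) AS
    SELECT id, amount, paid
    FROM invoices
    WHERE owner_name = current_user;
ALTER VIEW my_invoices OWNER TO app_owner;

-- 4. A SECURITY DEFINER function is the only write path. It executes with
--    app_owner's rights but re-checks ownership itself, so a caller can only
--    flip their own invoices to paid. search_path is pinned, which is the
--    standard precaution for SECURITY DEFINER functions.
CREATE FUNCTION mark_paid(invoice_id integer) RETURNS boolean
LANGUAGE plpgsql SECURITY DEFINER
SET search_path = pg_catalog, public
AS $$
BEGIN
    UPDATE invoices
       SET paid = true
     WHERE id = invoice_id AND owner_name = current_user;
    RETURN FOUND;   -- true only if a row belonging to the caller was updated
END;
$$;
ALTER FUNCTION mark_paid(integer) OWNER TO app_owner;

-- 5. Grants: end users get the view and the function, nothing else.
--    PUBLIC has EXECUTE on new functions by default, so revoke it explicitly.
REVOKE ALL ON invoices FROM PUBLIC;
REVOKE ALL ON FUNCTION mark_paid(integer) FROM PUBLIC;
GRANT SELECT ON my_invoices TO app_user;
GRANT EXECUTE ON FUNCTION mark_paid(integer) TO app_user;

-- Once connected as alice:
--   SELECT * FROM my_invoices;          -- allowed, filtered to her rows
--   SELECT mark_paid(42);               -- allowed, affects only her invoice 42
--   SELECT * FROM invoices;             -- permission denied for table invoices
--   UPDATE invoices SET amount = 0;     -- permission denied for table invoices
```

The point of the layout is that the authorization decision lives in the engine, next to the data, rather than in an application that connects as a superuser: a bug in the client code cannot widen alice's access beyond the view and the one function she has been granted. Note that the view and function are only as safe as their own filtering; an ownership check that is left out of a SECURITY DEFINER function is a privilege escalation, so that check is the part worth reviewing and testing per role.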