[PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Jim Mercer
this patch adds the config variable pgsql.allowed_dblist
by default it has no value, meaning all databases are accessible
it can contain a colon delimited list of databases that are accessible.
if the database accessed is not in the list, and the list is not null, then an error is returned as

Re: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Jon Parise
On Thu, Sep 26, 2002 at 02:15:52PM -0400, Jim Mercer wrote:
> this patch adds the config variable pgsql.allowed_dblist
[snip]
> although it can be accomplished by other means, setting the variable to a
> value of ":" effectively locks the code out of pgsql.
Isn't it generally better (where "

RE: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Mike Robinson
From: Jon Parise
> Isn't it generally better (where "better" means more secure,
> efficient, and easily maintained) to handle database access
> control using PostgreSQL's native access mappings?
I would think so, and IMHO, that's where pgsql access control belongs, with pgsql.
Regards
Mike Ro

Re: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Dan Kalowsky
On Thursday, September 26, 2002, at 06:36 PM, Jon Parise wrote:
> Isn't it generally better (where "better" means more secure,
> efficient, and easily maintained) to handle database access control
> using PostgreSQL's native access mappings?
>
Yep. Thus why it was created :)
>-

Re: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Jim Mercer
On Thu, Sep 26, 2002 at 08:01:29PM -0400, Dan Kalowsky wrote:
> On Thursday, September 26, 2002, at 06:36 PM, Jon Parise wrote:
> >Isn't it generally better (where "better" means more secure,
> >efficient, and easily maintained) to handle database access control
> >using PostgreSQL's native access

Re: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Ilia A.
On September 26, 2002 08:48 pm, Jim Mercer wrote:
> On Thu, Sep 26, 2002 at 09:00:17PM -0400, Ilia A. wrote:
> > It is not a job of the programming language to implement system, database
> > security. This is simply not done. If you want to secure your PostgreSQL
> > more so than you can with the

Re: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Jim Mercer
On Thu, Sep 26, 2002 at 09:31:44PM -0400, Ilia A. wrote:
> > PHP is full of tweaks and hacks specifically to augment and make easier the
> > job of the people using it.
>
> The only similar hack I can imagine you are referring to is safe_mode, which
> is a very ugly thing that was only implement

Re: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Yasuo Ohgaki
Ilia A. wrote:
> list think of this patch. I merely try to explain why I believe this
> particular patch is not appropriate for standard PHP distribution.
It will be yet another safe_mode like feature. i.e.
it isn't secure as it sounds. Users with a little knowledge
can access backend with socke

Re: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Jim Mercer
On Thu, Sep 26, 2002 at 09:00:17PM -0400, Ilia A. wrote:
> It is not a job of the programming language to implement system, database
> security. This is simply not done. If you want to secure your PostgreSQL more
> so than you can with the current tools, the people you should be talking to
> ar

Re: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-26 Thread Jim Mercer
On Fri, Sep 27, 2002 at 10:50:08AM +0900, Yasuo Ohgaki wrote:
> Ilia A. wrote:
> >list think of this patch. I merely try to explain why I believe this
> >particular patch is not appropriate for standard PHP distribution.
>
> It will be yet another safe_mode like feature. i.e.
> it isn't secure a

Re: [PHP-DEV] patch to restrict database access for ext/pgsql

2002-09-27 Thread Mats Lindh
- [EMAIL PROTECTED]% (Jim Mercer):
>> It will be yet another safe_mode like feature. i.e.
>> it isn't secure as it sounds. Users with a little knowledge
>> can access backend with socket function. Therefore, I agree
>> with Ilia's opinion.
> the concept here is security, and i recognize that part