On Mon, 2007-10-29 at 09:13 +0100, [EMAIL PROTECTED] wrote: > sm. I will be looking forward to your posting when your company is ready. No > need to ruffle anyone. I have plenty of things to occupy me in the meantime! ok.
> > As you know, there are many ERP's which state they can safely be exposed to > the web, such as webERP, SQL Ledger, etc. I'd like your opinion on TinyERP, > as concerns my need of deploying it on a dedicated server exposed to the web. > Is it hardened enough to be relatively secure, or at least equal to these > others, security wise, in your opinion? If you ask me about security, I will tell you to pull out your connectivity! However, this hampers usability. Otherwise, I would never trust any inbuilt security (for any app) so it doesnt bother me that Tiny has not really got any kind of access control at a network level. This job is down to the networking people. I would adopt the same approach with any application no matter what the evangelists of the app say. With the Tiny installs that I host, we use non-routeable LANS with port redirects behind iptables only answering to pre-configured source LANS. Mobile / dynamic users have VPN access allowing them to access the LANS where needed. I couldnt work with anything less. SM _______________________________________________ Tinyerp-users mailing list http://tiny.be/mailman/listinfo/tinyerp-users
