Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #39749
| References | (2 earlier) <kg87jq$kfd$1@ger.gmane.org> <CAO+9iGdCtzkkp=p5aA96qA9wqz+QDHc8mZTKwqUqpcd1ZUfFuA@mail.gmail.com> <kg8p5a$9en$1@ger.gmane.org> <mailman.2312.1361576247.2939.python-list@python.org> <20130224153134.4cab73a958ac7d1af476ae3d@gmx.net> |
|---|---|
| Date | 2013-02-25 01:58 +1100 |
| Subject | Re: PyQT app accessible over network? |
| From | Chris Angelico <rosuav@gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.2408.1361717925.2939.python-list@python.org> (permalink) |
On Mon, Feb 25, 2013 at 1:31 AM, Wolfgang Keller <feliphil@gmx.net> wrote: >> As far as doing client/server stuff with just a database engine, >> unless you have tight control over the environment end to end, from a >> security pov, it's not a good idea to expose the database engine >> itself to the internet. Better to put a restricted web services API >> in front of it that handles all the authorization needs >> (access-control) on the detailed level that you require. > > Excuse me but that's bullshit. I don't use the term but I absolutely agree with the sentiment. Of course, if you're assuming a MySQL setup, then yes, exposing the database engine directly would have risks. But I grew up with DB2, and there were MANY ways in which you could control exactly what people could do (views and stored procedures being the two easiest/most commonly used) - to the extent that one of the recommended organizational structures was to have the end-user login actually *be* the database connection credentials, and to have your fancy app just connect remotely. There's a guarantee that someone who logs in as a non-administrator cannot access administrative functionality. PostgreSQL has all those same features, packaged up in an open source system; MySQL has a philosophical structure of "user logs in to app, but app logs in to database as superuser regardless of user login". ChrisA
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
PyQT app accessible over network? Monte Milanuk <memilanuk@gmail.com> - 2013-02-21 08:22 -0800
Re: PyQT app accessible over network? Wolfgang Keller <feliphil@gmx.net> - 2013-02-22 16:45 +0100
Re: PyQT app accessible over network? Monte Milanuk <memilanuk@gmail.com> - 2013-02-22 08:50 -0800
Re: PyQT app accessible over network? Wolfgang Keller <feliphil@gmx.net> - 2013-02-24 15:30 +0100
Re: PyQT app accessible over network? Alec Taylor <alec.taylor6@gmail.com> - 2013-02-23 03:57 +1100
Re: PyQT app accessible over network? Monte Milanuk <memilanuk@gmail.com> - 2013-02-22 13:49 -0800
Re: PyQT app accessible over network? Michael Torrie <torriem@gmail.com> - 2013-02-22 16:37 -0700
Re: PyQT app accessible over network? Wolfgang Keller <feliphil@gmx.net> - 2013-02-24 15:31 +0100
Re: PyQT app accessible over network? Chris Angelico <rosuav@gmail.com> - 2013-02-25 01:58 +1100
Re: PyQT app accessible over network? Frank Millman <frank@chagford.com> - 2013-02-25 08:14 +0200
Re: PyQT app accessible over network? Chris Angelico <rosuav@gmail.com> - 2013-02-25 17:35 +1100
Re: PyQT app accessible over network? Frank Millman <frank@chagford.com> - 2013-02-25 10:02 +0200
Re: PyQT app accessible over network? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-02-25 18:26 -0500
Re: PyQT app accessible over network? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-02-25 18:32 -0500
Re: PyQT app accessible over network? Chris Angelico <rosuav@gmail.com> - 2013-02-26 17:26 +1100
Re: PyQT app accessible over network? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-02-22 19:20 -0500
Re: PyQT app accessible over network? Chris Angelico <rosuav@gmail.com> - 2013-02-23 11:32 +1100
Re: PyQT app accessible over network? Alec Taylor <alec.taylor6@gmail.com> - 2013-02-24 20:00 +1100
csiph-web