Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #39916
| From | Dennis Lee Bieber <wlfraed@ix.netcom.com> |
|---|---|
| Subject | Re: PyQT app accessible over network? |
| Date | 2013-02-25 18:26 -0500 |
| Organization | > Bestiaria Support Staff < |
| References | (4 earlier) <mailman.2312.1361576247.2939.python-list@python.org> <20130224153134.4cab73a958ac7d1af476ae3d@gmx.net> <CAPTjJmrw7DvmdL3K8GqqYG1aexDWavo_LHZXcVG=hF_zJa2mWw@mail.gmail.com> <kgevgi$n8g$1@ger.gmane.org> <CAPTjJmr-XN0yuqyraYYs1X19k=Yo5JvVq1sGPWgqMFJntZg+sA@mail.gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.2525.1361834809.2939.python-list@python.org> (permalink) |
On Mon, 25 Feb 2013 17:35:44 +1100, Chris Angelico <rosuav@gmail.com>
declaimed the following in gmane.comp.python.general:
> It may take a lot of work to get the permissions down to their
> absolute minimum, but one easy "half-way house" would be to create a
> read-only user - SELECT permission on everything, no other perms. Not
> applicable to all situations, but when it is, it's an easy way to
> manage the risk of compromise.
>
I think I'd recommend that even this read permission be limited to
the tables required by the application... Wouldn't want someone to
"accidentally" read the database user account tables, would we?
MySQL's permission system, as I recall (I'm too lazy to grab one of
the five MySQL reference books on my shelf) can be set for "database",
"table", and "column" levels. (Setting permissions at the column level
would be painful, IMO -- especially if one has a goodly number of tables
with lots of fields; Creating a view and using a table level restriction
may be better -- not sure if MySQL views honor the access restrictions
though)
--
Wulfraed Dennis Lee Bieber AF6VN
wlfraed@ix.netcom.com HTTP://wlfraed.home.netcom.com/
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
PyQT app accessible over network? Monte Milanuk <memilanuk@gmail.com> - 2013-02-21 08:22 -0800
Re: PyQT app accessible over network? Wolfgang Keller <feliphil@gmx.net> - 2013-02-22 16:45 +0100
Re: PyQT app accessible over network? Monte Milanuk <memilanuk@gmail.com> - 2013-02-22 08:50 -0800
Re: PyQT app accessible over network? Wolfgang Keller <feliphil@gmx.net> - 2013-02-24 15:30 +0100
Re: PyQT app accessible over network? Alec Taylor <alec.taylor6@gmail.com> - 2013-02-23 03:57 +1100
Re: PyQT app accessible over network? Monte Milanuk <memilanuk@gmail.com> - 2013-02-22 13:49 -0800
Re: PyQT app accessible over network? Michael Torrie <torriem@gmail.com> - 2013-02-22 16:37 -0700
Re: PyQT app accessible over network? Wolfgang Keller <feliphil@gmx.net> - 2013-02-24 15:31 +0100
Re: PyQT app accessible over network? Chris Angelico <rosuav@gmail.com> - 2013-02-25 01:58 +1100
Re: PyQT app accessible over network? Frank Millman <frank@chagford.com> - 2013-02-25 08:14 +0200
Re: PyQT app accessible over network? Chris Angelico <rosuav@gmail.com> - 2013-02-25 17:35 +1100
Re: PyQT app accessible over network? Frank Millman <frank@chagford.com> - 2013-02-25 10:02 +0200
Re: PyQT app accessible over network? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-02-25 18:26 -0500
Re: PyQT app accessible over network? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-02-25 18:32 -0500
Re: PyQT app accessible over network? Chris Angelico <rosuav@gmail.com> - 2013-02-26 17:26 +1100
Re: PyQT app accessible over network? Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-02-22 19:20 -0500
Re: PyQT app accessible over network? Chris Angelico <rosuav@gmail.com> - 2013-02-23 11:32 +1100
Re: PyQT app accessible over network? Alec Taylor <alec.taylor6@gmail.com> - 2013-02-24 20:00 +1100
csiph-web