Path: csiph.com!newsfeed.hal-mli.net!feeder3.hal-mli.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!newsfeed.xs4all.nl!newsfeed1.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.026 X-Spam-Evidence: '*H*': 0.95; '*S*': 0.00; 'subject:Python': 0.06; '(python': 0.07; 'happens.': 0.09; 'permissions': 0.09; 'missed': 0.12; 'assume': 0.14; 'thread': 0.14; 'localhost': 0.16; 'specific,': 0.16; 'ssh': 0.16; 'wrote:': 0.18; 'properly': 0.19; 'settings': 0.22; 'this?': 0.23; 'header:User-Agent:1': 0.23; 'earlier': 0.24; '(or': 0.24; 'header:In-Reply-To:1': 0.27; 'rest': 0.29; 'am,': 0.29; "i'm": 0.30; 'workaround': 0.31; 'there.': 0.32; 'quite': 0.32; 'running': 0.33; 'but': 0.35; 'received:google.com': 0.35; 'there': 0.35; 'should': 0.36; 'application': 0.37; 'remote': 0.38; 'message-id:@gmail.com': 0.38; 'to:addr:python-list': 0.38; 'hosted': 0.39; 'sure': 0.39; 'to:addr:python.org': 0.39; 'users': 0.40; 'how': 0.40; "you're": 0.61; 'accounts': 0.64; 'account': 0.65; 'wish': 0.70; 'online': 0.71; 'listening': 0.74; 'secured': 0.84; 'reasons,': 0.91 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=1/hWf5p9/xFaxUxIhvDf82K1Cn46tfUCLSCHpKpL09E=; b=YMlOrh36Kw6wjiUZp3oV8ng72CIa7Hs9wkayEpGmXaAdbPnqvivClTCNcdKakbQHtu eFwRg/Cxaf/AtIU8/c0IslR0KGskfV7LNdXLb/+t1mDBgXelygd066ATlHbxg9hnSD73 hyA/vXo2xR7gGUCih2wOe+fwKtJ+6NlflDVa11kVaWvNceHMbTmDeFgsVIh6nU9vi5wK J6EEqIHK+K3QOfqU1o2ZkWVWZOWCwrfoKxmvUuuUpSFCcNXyK955cRN6IDM8dpWIENFZ u7rnCjvUpw3A11Lo46jAXI/sypTlaGujw1zDbgdzNO2lhrThzlxbbCdpB7WoDzoV8hIj /m+g== X-Received: by 10.42.63.207 with SMTP id d15mr6948395ici.21.1376159381771; Sat, 10 Aug 2013 11:29:41 -0700 (PDT) Date: Sat, 10 Aug 2013 14:29:39 -0400 From: Veritatem Ignotam User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Thunderbird/17.0 MIME-Version: 1.0 To: python-list@python.org Subject: Re: Python 3 and SSH Tunnel References: <092fdbf5-1db3-4ea5-82ee-4b02cec80dc6@googlegroups.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sat, 10 Aug 2013 21:23:55 +0200 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 17 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1376162636 news.xs4all.nl 15865 [2001:888:2000:d::a6]:60638 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:52316 I think I missed an earlier thread of this and I'm not quite sure what your application is, but properly allocating user permissions on your databases should eliminate any security concerns there. Also, for the tunnel, whether you're using one account or multiple (one for each user), those accounts should be properly secured as well. Ignotus On 08/10/2013 06:39 AM, D. Xenakis wrote: > What about the security though? > > To be specific, i need to create an application (python 3.3 strictly) where users will save/load their settings online to a remote hosted database. I do not wish to change the database from listening to any other thing than localhost for security reasons, so i assume the best solution for me would be to make the program create some ssh tunnels before the saving/loading happens. > > But would this policy make my database (or the rest of the databases that im running on that machine) unsecure? Is there any workaround this? > > How would you do that online saving/loading?