Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #52322
| Path | csiph.com!newsfeed.hal-mli.net!feeder3.hal-mli.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!newsfeed.xs4all.nl!newsfeed2.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <python-python-list@m.gmane.org> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.002 |
| X-Spam-Evidence | '*H*': 1.00; '*S*': 0.00; 'subject:Python': 0.06; '(python': 0.07; 'happens.': 0.09; 'received:80.91': 0.09; 'received:80.91.229': 0.09; 'received:gmane.org': 0.09; 'received:list': 0.09; 'assume': 0.14; "(i'm": 0.16; '>to': 0.16; 'accepts': 0.16; 'accesses': 0.16; 'cookies': 0.16; 'https': 0.16; 'localhost': 0.16; 'message-id:@4ax.com': 0.16; 'received:80.91.229.3': 0.16; 'received:plane.gmane.org': 0.16; 'specific,': 0.16; 'ssh': 0.16; 'sat,': 0.16; 'machine': 0.22; 'settings': 0.22; 'aug': 0.22; 'this?': 0.23; 'url:home': 0.24; 'server.': 0.24; '(or': 0.24; 'handling': 0.26; 'header:X -Complaints-To:1': 0.27; 'rest': 0.29; 'workaround': 0.31; 'run': 0.32; 'running': 0.33; 'becomes': 0.33; 'there': 0.35; 'charset :us-ascii': 0.36; 'responsible': 0.36; 'application': 0.37; 'remote': 0.38; 'connections': 0.38; 'to:addr:python-list': 0.38; 'hosted': 0.39; 'to:addr:python.org': 0.39; 'received:org': 0.40; 'users': 0.40; 'how': 0.40; 'wish': 0.70; 'secure': 0.71; 'online': 0.71; 'listening': 0.74; 'reasons,': 0.91; 'received:108': 0.93; '2013': 0.98 |
| X-Injected-Via-Gmane | http://gmane.org/ |
| To | python-list@python.org |
| From | Dennis Lee Bieber <wlfraed@ix.netcom.com> |
| Subject | Re: Python 3 and SSH Tunnel |
| Date | Sat, 10 Aug 2013 16:16:31 -0400 |
| Organization | IISS Elusive Unicorn |
| References | <092fdbf5-1db3-4ea5-82ee-4b02cec80dc6@googlegroups.com> <fb11865f-5972-4277-a67c-8bfd83cbade9@googlegroups.com> |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=us-ascii |
| Content-Transfer-Encoding | 7bit |
| X-Gmane-NNTP-Posting-Host | adsl-108-68-178-245.dsl.klmzmi.sbcglobal.net |
| X-Newsreader | Forte Agent 6.00/32.1186 |
| X-No-Archive | YES |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.15 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list/> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.437.1376165800.1251.python-list@python.org> (permalink) |
| Lines | 25 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1376165800 news.xs4all.nl 15989 [2001:888:2000:d::a6]:51331 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:52322 |
Show key headers only | View raw
On Sat, 10 Aug 2013 03:39:49 -0700 (PDT), "D. Xenakis"
<gouzounakis@hotmail.com> declaimed the following:
>What about the security though?
>
>To be specific, i need to create an application (python 3.3 strictly) where users will save/load their settings online to a remote hosted database. I do not wish to change the database from listening to any other thing than localhost for security reasons, so i assume the best solution for me would be to make the program create some ssh tunnels before the saving/loading happens.
>
>But would this policy make my database (or the rest of the databases that im running on that machine) unsecure? Is there any workaround this?
>
>How would you do that online saving/loading?
You run a "server" on the database machine which accepts the save/load
connections from the remote users -- it then accesses the (now) local
database for the settings information.
How you secure the "server" becomes part of your protocol... HTTPS with
a login/password scheme? (I'm presuming the users won't be seeing a web
page, so cookies might be a non-starter for the session; instead you'd need
the user login/password for all traffic). Your "server" then becomes
responsible for handling all validation, and the database is still just
localhost to the server.
--
Wulfraed Dennis Lee Bieber AF6VN
wlfraed@ix.netcom.com HTTP://wlfraed.home.netcom.com/
Back to comp.lang.python | Previous | Next — Previous in thread | Find similar | Unroll thread
Python 3 and SSH Tunnel "D. Xenakis" <gouzounakis@hotmail.com> - 2013-08-08 12:30 -0700
Re: Python 3 and SSH Tunnel Skip Montanaro <skip@pobox.com> - 2013-08-08 15:03 -0500
Re: Python 3 and SSH Tunnel Chris Angelico <rosuav@gmail.com> - 2013-08-08 23:54 +0100
Re: Python 3 and SSH Tunnel "D. Xenakis" <gouzounakis@hotmail.com> - 2013-08-08 17:46 -0700
Re: Python 3 and SSH Tunnel Chris Angelico <rosuav@gmail.com> - 2013-08-09 01:56 +0100
Re: Python 3 and SSH Tunnel Bernd Waterkamp <Bernd-Waterkamp@web.de> - 2013-08-09 18:40 +0200
Re: Python 3 and SSH Tunnel "D. Xenakis" <gouzounakis@hotmail.com> - 2013-08-08 17:50 -0700
Re: Python 3 and SSH Tunnel Chris Angelico <rosuav@gmail.com> - 2013-08-09 01:57 +0100
Re: Python 3 and SSH Tunnel "D. Xenakis" <gouzounakis@hotmail.com> - 2013-08-10 03:39 -0700
Re: Python 3 and SSH Tunnel Veritatem Ignotam <veritatem.ignotam@gmail.com> - 2013-08-10 14:29 -0400
Re: Python 3 and SSH Tunnel Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-08-10 16:16 -0400
csiph-web