Re: [Gnumed-devel] security & architecture (was Re: Texlive and Gnumed)

gnumed-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] security & architecture (was Re: Texlive and Gnumed)

From:	Karsten Hilbert
Subject:	Re: [Gnumed-devel] security & architecture (was Re: Texlive and Gnumed)
Date:	Thu, 11 Mar 2010 12:18:18 +0100
User-agent:	Mutt/1.5.20 (2009-06-14)

On Wed, Mar 10, 2010 at 08:06:27AM +0100, Gour wrote:

> Otoh, the following comment in /etc/trytond.conf reveals why I am able
> to create database from login dialog: "db_user must have create
> permission for new databases to be able to use automatic database
> creation with the Tryton client."

Which does not have anything to do whatsoever with why any
odd user can *connect* to PostgreSQL in the first case
without any setting up of permissions.

> Moreover, as you can see from
> http://code.google.com/p/tryton/wiki/SSLHowto 
> 
> it is very easy to put SSL in use to secure communication.

Using SSL does not substitute access security.

SSL is enabled by default within GNUmed.

> GNUmed, afaict, is more MVC, client is not really thin and that's why
> it is not the same situation.

This got nothing to do with whether access is secure and
enabled by default.

Karsten
-- 
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Gnumed-devel] Re: Texlive and Gnumed, (continued)
- Re: [Gnumed-devel] Texlive and Gnumed, Sebastian Hilbert, 2010/03/07
  - Re: [Gnumed-devel] Texlive and Gnumed, Karsten Hilbert, 2010/03/07

Prev by Date: [Gnumed-devel] Re: Re: GNUmed on Linux Today
Next by Date: [Gnumed-devel] Re: security & architecture
Previous by thread: [Gnumed-devel] security & architecture (was Re: Texlive and Gnumed)
Next by thread: [Gnumed-devel] Re: security & architecture
Index(es):
- Date
- Thread