[Mulgara-dev] [Topaz-dev] Mulgara Security
Amit Kapoor
amitkapoor at mindspring.com
Thu Mar 13 02:56:45 UTC 2008
Apologies. I should have copied him.
regards
On Wed, Mar 12, 2008 at 07:55:21PM -0700, William Mills wrote:
> Is Russell on the Mulgara-Dev list?
>
> ----- Original Message ----
> From: Amit Kapoor <amitkapoor at mindspring.com>
> To: topaz-dev at topazproject.org; mulgara-dev at mulgara.org
> Sent: Wednesday, March 12, 2008 7:04:49 PM
> Subject: Re: [Mulgara-dev] [Topaz-dev] Mulgara Security
>
> On Wed, Mar 12, 2008 at 02:38:10PM -0700, Russell Uman wrote:
> > Does mulgara currently have, or will it have in a future release, any way to
> > restrict access with some kind of password auth?
> >
> > It strikes me that currently anyone who manages to get a shell on a machine that
> > can connect to mulgara (mulgara server itself, any pubapp, *and* the backup
> > server in our current implementation) can connect and run random itql queries
> > with no restriction if they are familiar with mulgara.
> >
> > having come to this realization, i can make the current set up a little more
> > secure by getting rid of the connection from backup server to mulgara, but it's
> > still a little scary...
>
> More appropriate for the mulgara mailing list.
>
> regards
> _______________________________________________
> Mulgara-dev mailing list
> Mulgara-dev at mulgara.org
> http://mulgara.org/mailman/listinfo/mulgara-dev
>
>
>
> _______________________________________________
> Mulgara-dev mailing list
> Mulgara-dev at mulgara.org
> http://mulgara.org/mailman/listinfo/mulgara-dev
More information about the Mulgara-dev
mailing list