[Mulgara-dev] [Topaz-dev] Mulgara Security

Amit Kapoor amitkapoor at mindspring.com
Thu Mar 13 02:04:49 UTC 2008


On Wed, Mar 12, 2008 at 02:38:10PM -0700, Russell Uman wrote:
> Does mulgara currently have, or will it have in a future release, any way to 
> restrict access with some kind of password auth?
> 
> It strikes me that currently anyone who manages to get a shell on a machine that 
> can connect to mulgara (mulgara server itself, any pubapp, *and* the backup 
> server in our current implementation) can connect and run random itql queries 
> with no restriction if they are familiar with mulgara.
> 
> having come to this realization, i can make the current set up a little more 
> secure by getting rid of the connection from backup server to mulgara, but it's 
> still a little scary...

    More appropriate for the mulgara mailing list.

    regards



More information about the Mulgara-dev mailing list