Re: access control (was Re: modular database backends)
From: Milan Zamazal
Subject: Re: access control (was Re: modular database backends)
Date: 11 Jun 2001 16:58:20 +0200
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.0.103
>>>>> "PN" == Peter Novodvorsky <address@hidden> writes:
PN> 1). I don't like that a client can pass without an authentication
PN> phase. If he wants to log in as anonymous, he has to do it, i.e.,
PN> USER anonymous address@hidden
Hm, are there any *real* benefits of this except it's annoying during
debugging? :-)
PN> 2). I don't like that the check of user/password is made by gnatsd
PN> and not by the "database driver". I mean that the function that
PN> authenticates the user isn't called by init_gnats, which actually
PN> connects to the database, but after it. Access control is done by
PN> gnatsd, and not by the database driver.
IMO this is implied by the fact that there are actually several
authentication methods in GNATS. The "built-in" methods are file system
permissions and the gnatsd mechanism. Since gnatsd is supposed to be
the only method of accessing GNATS through the network, I can't see
much wrong in gnatsd performing *the* authentication.
PN> 3). There is no access control for query-pr, send-pr and
PN> edit-pr. This is close to the subject of 2)., because
PN> authentication is made on the side of the client, not on the side
PN> of the database.
I'd consider this a feature. It's sometimes useful to be able to access
GNATS data based on the file system permissions. If you don't like
that, simply chmod go-rwx the database directory and force users to
access the database via query-pr etc. connections to localhost, thus
moving the authentication to gnatsd (single place).
PN> 4). I want that some bugs can be edited only by a group of
PN> developers. It can't be done in the current version.
I think this complaint is legitimate.
PN> Is it enough? ;-)
Pardon my ignorance. :-) Generally, I'd be curious whether your problems
come from real experience or whether you are just thinking on a
theoretical level. My experience with running a BTS is that the more
access control, the more problems (the first one being that users don't
bother to use the BTS). There is no access control in the Debian BTS and
it works well. In one company where I used GNATS we simply had full
intranet access, and in another one we had to introduce more regulations
to protect the system from incompetent people (but the incompetence was
a problem in itself, and I had to leave the company because it annoyed
me too much).
I don't say some things shouldn't be improved, but it's a low-priority
issue for me. For instance, I consider the modular database backends
problem much more important and useful than the access control features.
Regards,
Milan Zamazal
--
It's amazing how much better you feel once you've given up hope.
(unknown source)