[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: dbase security

From: Hans-Albert Schneider
Subject: Re: dbase security
Date: Thu, 12 Jul 2001 13:27:36 +0200 (MET DST)

>>>>> "MB" == Margaret BRIERTON <address@hidden> writes:

    MB> Hi I've tried and changed the security on my database by
    MB> restricting the IP address in the file gnatsd.conf.

    MB> I also want to restrict a user to have only view access
    MB> in the gnatsd.acces file.

    MB> When i try and log in i get the follwing error:

    MB> Error: Couldn't connect to gnats server

    MB> host localhost, port 1529
    MB> access denied

    MB> Why is this?

You probably did not list localhost (or in
gnatsd.conf, and have an entry of "*:deny:".

    MB> Plus it seems that the userid can override the ip address
    MB> ie the access file can override the conf
    MB> file..............does this make sense??????????????

(The following applies to 3.113; it might have changed with 4.x)
The check for the IP address is done when the client tries to
establish the connection, i.e., before user authentication can
happen.  If the access level for the client machine is "deny",
then the connection is rejected (this seems to have happened with

If the access level for the client machine is at least "none",
then a user (or gnatsweb or some other program on behalf of the
user) gets the opportunity to log in.  The access level
(permissions) of the user are the *maximum* of the access levels
granted to the client machine in gnatsd.conf and granted to the
userid in gnatsd.access.


Hans-Albert Schneider           <address@hidden>
Siemens AG                      phone:  (+49) 89 636 45445
Corporate Technology            fax:    (+49) 89 636 42284
Munich, Germany
 -- To get my public PGP key, send me a mail with subject "send key" --

reply via email to

[Prev in Thread] Current Thread [Next in Thread]