[Monetdb-developers] Security & usability
Martin.Kersten at cwi.nl
Sun Apr 4 17:37:29 CEST 2004
I didn;t realize I was a comedian ;-)
The default in most systems is to inherit the user name from the
user account. This presupposes a policy to react on any 'new' user,
or to first built de user table for any DB you create.
Storing passwords is only safe if you are assured that the identity
provides the least possible facilities, e.g. like a guest account.
The access permissions are determined at the server side, which
means it can simple ignore the 'guest'
Conclusion. Any default guest name embedded in a front-end
is safe when the DBA has the right to revoke its grants.
(compare with anonymous ftp)
The access policy should be consistent over all entry points
into the system, which means that authorization as currently
in SQL should also apply to MIL interaction.[tobedone]
A central, all product client property file is hard to maintain.
For example, Mknife contains quite a lot of session info
already, while hooking up to AquaDataStudio would lead to
The real solution is that you should always connect the Mserver
with the omnipresent 'guest' account, which ships further
details for interpretation as part of its startup. Eg, we
envisioned that user properties for database interaction could
come from the database.
> After the checkin by Martin (about giving -u and -P default values on
> MapiClient), I had to laugh loudly for a minute (or two) after which I
> had to frown, thinking about the security aspect of this change. Not
> that it changes much, but being a little minded towards a better
> situation is not a bad thing IMHO. (Also for the reputation of monet by
> itself for the outside world)
> Because I regularly get tired of typing long command line arguments as
> well, I propose the following solution, which might fit all kinds of
> What if we would store some preferences we have in a file ~/.monetdb or
> something which can be shared by various applications, like MapiClient,
> JdbcClient, Mserver itself, and maybe any more...
> The file would be simply a properties file containing something like
> which would instruct MapiClient to use sql language with username + pass
> monetdb and tell Mserver when it starts to load the script
> ~/monetdb/start_sql so I for instance would not have to type
> 'module(sql_server);' anymore.
> Of course command line options override these defaults in this .monetdb
> file. It is up to the user to chmod it to 600.
> How about this idea?
> This SF.Net email is sponsored by: IBM Linux Tutorials
> Free Linux tutorial presented by Daniel Robbins, President and CEO of
> GenToo technologies. Learn everything from fundamentals to system
> Monetdb-developers mailing list
> Monetdb-developers at lists.sourceforge.net
More information about the developers-list