From: Hans-Albert Schneider <Hans-Albert.Schneider@mchp.siemens.de>
To: Margaret BRIERTON <margaret@retriever.com.au>
Cc: gnats-devel@sources.redhat.com
Subject: Re: dbase security
Date: Thu, 12 Jul 2001 04:27:00 -0000 [thread overview]
Message-ID: <15181.35240.736840.686484@mail-g.mchp.siemens.de> (raw)
In-Reply-To: <3B4D4ED4.262077C9@retriever.com.au>
>>>>> "MB" == Margaret BRIERTON <margaret@retriever.com.au> writes:
MB> Hi I've tried and changed the security on my database by
MB> restricting the IP address in the file gnatsd.conf.
MB> I also want to restrict a user to have only view access
MB> in the gnatsd.acces file.
MB> When i try and log in i get the follwing error:
MB> Error: Couldn't connect to gnats server
MB> host localhost, port 1529
MB> access denied
MB> Why is this?
You probably did not list localhost (or 127.0.0.1) in
gnatsd.conf, and have an entry of "*:deny:".
MB> Plus it seems that the userid can override the ip address
MB> ie the access file can override the conf
MB> file..............does this make sense??????????????
(The following applies to 3.113; it might have changed with 4.x)
The check for the IP address is done when the client tries to
establish the connection, i.e., before user authentication can
happen. If the access level for the client machine is "deny",
then the connection is rejected (this seems to have happened with
localhost).
If the access level for the client machine is at least "none",
then a user (or gnatsweb or some other program on behalf of the
user) gets the opportunity to log in. The access level
(permissions) of the user are the *maximum* of the access levels
granted to the client machine in gnatsd.conf and granted to the
userid in gnatsd.access.
Hans-Albert
--
Hans-Albert Schneider <Hans-Albert.Schneider@mchp.siemens.de>
Siemens AG phone: (+49) 89 636 45445
Corporate Technology fax: (+49) 89 636 42284
Munich, Germany
-- To get my public PGP key, send me a mail with subject "send key" --
prev parent reply other threads:[~2001-07-12 4:27 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-07-04 5:38 mail adresses concatenated without commas in between Hans Drexler
2001-07-06 7:05 ` Milan Zamazal
2001-07-09 0:18 ` Hans Drexler
2001-07-12 0:18 ` dbase security Margaret BRIERTON
2001-07-12 4:27 ` Hans-Albert Schneider [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=15181.35240.736840.686484@mail-g.mchp.siemens.de \
--to=hans-albert.schneider@mchp.siemens.de \
--cc=gnats-devel@sources.redhat.com \
--cc=margaret@retriever.com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).