| Subject | Re: [Firebird-Architect] Re: [Firebird-admin] Re: [Firebird-devel] Common Message Repository |
|---|---|
| Author | Alex Peshkov |
| Post date | 2005-11-09T11:22:22Z |
Si Carter wrote:
supported on database level. What a sense in disallowing _particular
user_ to login from specific set of IP addresses? Denied list should be
done at firewall level.
But this is really a problem - what to do if coteries list is empty? For
backward compatibility it's necessary to enable connection from any IP
in that case. Or force additon of 0.0.0.0/0 by default. Or it may be
controlled by configuration parameter - DenyAccessWithEmpyCoteriesList.
>>-----Original Message-----It's all was about allowed list. Denied list is not supposed to be
>>
>>
>It might be nice to have an allowed list of IPs as well as a denied list.
>At least DBAs could easily work on the assumption that everything is denied
>unless specifically allowed.
>
>
>
supported on database level. What a sense in disallowing _particular
user_ to login from specific set of IP addresses? Denied list should be
done at firewall level.
But this is really a problem - what to do if coteries list is empty? For
backward compatibility it's necessary to enable connection from any IP
in that case. Or force additon of 0.0.0.0/0 by default. Or it may be
controlled by configuration parameter - DenyAccessWithEmpyCoteriesList.