[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security Implementation in Ozone
Falko,
I've created a version of Ozone where you can specify an allowable IP address for clients. It's just a quick fix, but I'll add some fancier rules later.
I wrote it for .55 originally and then merged it with last nights CVS version on my machine. Ofcourse it didn't compile, so when I get home tonight I'll update my CVS tree and merge it with that and send you a patch.
I'm thinking of someway to create a nice clean authentication pattern, so different models can just be plugged in.
As I'm using the XML part of Ozone for my project, I'm looking forward to have a look at your new API.
On Mon, 11 Sep 2000 14:27:10 +0200
Falko Braeutigam <falko@smb-tec.com> wrote:
> On Mon, 11 Sep 2000, Pelle Braendgaard wrote:
> > I'm working on an opensource financial application
> (http://neudist.org)
> > using Ozone.
> Wow, great! What kind of things do you plan to do with
> ozone?
>
> > I have been having strange problems with the
> permissions and user
> > database etc in Ozone.
> > As I'd like to help out with Ozone, I've been going
> through the source code
> > trying to find out whats going on, at it looks like
> Security hasn't been
> > worked on too much at the moment.
> This is true. Security hasn't been an issue for us yet so
> we did not focus on
> it. Our first approach was to completely rely on the
> security features of the
> underlying OS. But in some cases this doesn't work. So we
> introduced the login
> with name and passwd. But no work has been done here yet
> to support this.
>
> > Who has been working on Security. What priorities and
> design ideas do you
> > have for Security. Or should I just go ahead and come
> up with my own
> > suggestion.
> This would be great!
>
>
> Falko
> --
> ______________________________________________________________________
> Falko Braeutigam
> mailto:falko@smb-tec.com
> SMB GmbH
> http://www.smb-tec.com
>