On April 22, 2004 04:58, Karsten Hilbert wrote:
> >
> > How, exactly, is that?
>
> a) it seems SQL ledger wants to store data in PostgreSQL
It is the prefred database but I think you can use others.
> b) I assume it wants to store *financial* data
Yes It is an accounting package.
> c) local/all/trust means *all* *local* users are *trusted*, eg
> don't require any authentication, hence system account foo
> can access *all* databases (including the SQL-ledger one)
> even though foo does not have a corresponding DB account
>
> Assuming, that there aren't any schema level restrictions
> (GRANTs) set up which may or may not be the case. Forgot to
> mention that point earlier on.
>
> Or am I missing something ?
I think the SQL-ledger docs were thinking in terms of a stand alone system. My
asking this question has gotten some interesting discoution of authentication
and security. I used the suggestion on mapping the users So postgress would
be able to relate to the SQL ledger user and the allowed postgress user. This
meant that SQL-ledger may access the database without open the database to
attack. Much better solution for sure.
--
Thanks for the help.
Shanta McBain
Http://computersystemconsulting.ca Web hosting and Application Hosting.
