jra at baylink.com
Thu Jan 30 19:01:09 UTC 2014
----- Original Message -----
> From: "Gary Buhrmaster" <gary.buhrmaster at gmail.com>
> As Michael Dean has proposed, one should provide an
> external (possibly PHP/apache) front-end authentication/
> authorization application that provides the fine-grained
> and security functions that people should be wanting.
> Just like "the big boys" Oracle/SAP/WorkDay do.
> One can search the archives for the propsal. So you
> don't forget, volunteer before midnight tonight!
I haven't been that programmer for 20 years.
But that doesn't mean my architectural quibble is irrelevant; if the
backend core is processing things that came in from the outside world --
and it's clear that it will be -- then it becomes part of the attack surface.
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
More information about the mythtv-dev