[Xastir] Fetch Findu Trail
Steve Dimse
k4hg at tapr.org
Tue May 27 14:26:05 EDT 2003
On 5/27/03 at 10:44 AM hacker at tc.fluke.com (Curt Mills, WE7U) sent:
>Problem is, I didn't want to add a feature into Xastir at the time
>that would depend on yet another login/password requirement and
>require more libraries to be linked in. I wanted a more generic
>feature that anybody would be able to use.
That's fine, the web is easier for me anyway, but the idea was that since the
queries would be coded into the xastir source, rather than entered by users,
there would be a single xastir login which would be coded into the program.
Granted, not high security, anyone that wanted could find the user/pass within
the code and use it. The idea behind closing the guest mysql account and going
to individual logins was not to close the database, but to add accountability.
MySQL has a "slow query" log, which lists all the queries that took more than n
seconds (I use 10). A log showing "guest" does nothing to help me track down
offenders.
If xastir ever did decide to use direct access for any reason, I can give a
password, though if someone were to use it for nefarious purposes I could not
always guarantee I could leave it open...one of the problems with open source.
Steve K4HG
More information about the Xastir
mailing list