Hi. On Mon, Aug 24, 2009 at 02:59:27PM +0200, Alan DeKok wrote:
George Koulyabin wrote:
On Mon, Aug 24, 2009 at 01:45:11PM +0200, Alan DeKok wrote:
George Koulyabin wrote:
I had got success when 'sql_auth' was defined as last entry into instantiate { }. But I think that this solution is unsecure and wrong. Why is that?
For example, I added new sql-module into sql.conf and forgot to fix order of loading of sql-modules into instantiate { }. I tried to do it. The 'users' used last sql-module of sql.conf. Variable 'sqlmod-inst' is used by 'sqlcounter'-module, but why isn't such variable used into 'files'-module?
(a) That doesn't make it "unsecure".
Your words are true. I can't say that rejecting of authorization is unsecure.
(b) you may have MULTIPLE sql modules, and may be doing MULTIPLE sql group comparisons in the "files" module. Adding one "sqlmod-inst" to the "files" module won't help you try to use MULTIPLE sql modules.
Supposing it were available to use MULTIPLE files modules and unlang, I could use different 'users'-files. In addition, I can use a few virtual servers.