Annonymous Coward (me@[EMAIL PROTECTED]
) writes:
> Not to put too fine a point on it (i.e. to be blunt). I don't want end
> users looking "inside" the database (i.e. to see table names, stored
> proc names, and be able to analyse stored proc logic etc). Additionally,
> I do not want them to be able to run my stored procs (outside the app),
> in order to attempt to modify/hack the database - apart from
> intellectual copyright issues, sup****t/maintenance will become a
> nightmare, if users are able to access the database (outside of my app),
> and "hack around".
I'm still not clear over the scenario. Do you work with an application
that is used inside a cor****ation and you don't want regular users to
access the database outside the application, but you agree to permit
sysadmin people to access it? Or do you sell a general product, and
don't want your customers to access your database outside the application?
Since you talk about intellectual property rights, I assume that this is
your case.
Again, there is no way that you can prevent anyone who has sysadmin
rights to access your database. You can make things more difficult
by adding the WITH ENCRYPTION clause to stored procedure, but this is
not encryption, only obfustication, and methods to regain the clear
text of the procdures can easily be found on Google.
> What I currently have (my existing PostgreSQL solution), is that I use
> roles grants and sufficiently 'hard' passwords, which are stored
> (encrypted) in my application modules.
But this is not secure. It the application can decrypt the password, so
can the user, because the application must get the decryption key from
somewhere the user has read access.
You can achieve the same in SQL Server with application roles, but as I
pointed out in my previous post, this is not a secure solution on a
two-tier application, unless security by obscurity is good enough for
you.
> I want to know if I can have a similar security scheme using SSE. I
> would like to know whether the administrator of a machine can still
> "overide" my security and "use" my database (outside my app), even
> though I have grants for specific roles (which require passwords) on the
> database objects?
Yes, they can. And without having seen PostgreSQL, I would be very
surprised
if the case is the not same there.
In any case, the one place where you should regulate undesired access to
the database is the license and sup****t agreements.
--
Erland Sommarskog, SQL Server MVP, esquel@[EMAIL PROTECTED]
Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
|
