Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister

Re: Re: Secure ways to use DBI?

by mpeppler (Vicar)
on Apr 17, 2003 at 15:37 UTC ( #251236=note: print w/replies, xml ) Need Help??

in reply to Re: Secure ways to use DBI?
in thread Secure ways to use DBI?

Defer all direct database access to a middle-tier process that prompts for a user at startup.
I'm in the process of building something like that at the moment. Essentially it's an internal web server that accepts connections from hosts on the local net. This process connects to the Sybase database with a specific user/password that is only allowed to execute stored procedures. Each stored procedure checks and that the remote user/host that wants to execute it is authorized to do so.

It's probably not completely fool-proof, but it greatly limits the damages that any compromise of the front-end web servers could cause.


Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://251236]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others studying the Monastery: (3)
As of 2022-05-27 21:17 GMT
Find Nodes?
    Voting Booth?
    Do you prefer to work remotely?

    Results (97 votes). Check out past polls.