Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re: Re: Secure ways to use DBI?

by mpeppler (Vicar)
on Apr 17, 2003 at 15:37 UTC ( [id://251236]=note: print w/replies, xml ) Need Help??


in reply to Re: Secure ways to use DBI?
in thread Secure ways to use DBI?

Defer all direct database access to a middle-tier process that prompts for a user at startup.
I'm in the process of building something like that at the moment. Essentially it's an internal web server that accepts connections from hosts on the local net. This process connects to the Sybase database with a specific user/password that is only allowed to execute stored procedures. Each stored procedure checks and that the remote user/host that wants to execute it is authorized to do so.

It's probably not completely fool-proof, but it greatly limits the damages that any compromise of the front-end web servers could cause.

Michael

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://251236]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others wandering the Monastery: (4)
As of 2024-03-29 08:55 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found