> So, my first guess is that if I doesn't give him any user credentials > presents on SapDB (neither dbm nor database users), he cannot > perform any > access to the RDBMS with conventional tools. Is this right?
True. But there are some plans to allow root to act as a dbm user without any additional authentification. This would make it possible to stop all databases during system shutdown and to start selected databases during boot without having to store the dbm user and password in a script. > Moreover, I've opened a DISKD000X file with a text editor and I was > "shocked" by the fact that all the data are simply gettable > with a few of > sed or awk code (they are in clear-text). One way to solve this is, > obviously, to crypt the content with the business logic of my > application, > but maybe there are other mechanisms to accomplish the same > results with a > proper configuration of SapDB... any suggestion here? The are some changes being made to the permissions in MaxDB 7.5 to give more fine grained access to the database files. But this won't help you with your problem if being administrator means being root. Crypting the content in the application does affect the SQL you are able to use. Sorting probably won't work, implicit conversions between ASCII and UNICODE won't work as expected etc. One idea would be building a custom SAP DB / MaxDB where whole pages are crypted during I/O. It is probably even possible to change the crypt key for the whole database occasionally by converting all the pages. Daniel Dittmar -- Daniel Dittmar SAP Labs Berlin [EMAIL PROTECTED] -- MaxDB Discussion Mailing List For list archives: http://lists.mysql.com/maxdb To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
