On Friday, January 6, 2006 1129, [EMAIL PROTECTED] wrote: >I agree with Chander and still recommend application-level >database accounts, not one or more direct MySQL logins per >user. That's how most databases storing data with complex >business rules maintain their data integrity. The SQL data >definition language is usually not complex enough to enforce >certain common business relationships so we rely on the >application the users interact with to do it for us. That means >that most users DO NOT have their own private accounts with >MySQL. The "permissions" are enforced programmatically by the >application (usually with the help of one or more private >tables, not actually part of the business data you are trying >to protect).
I had planned to enforce business rules in my application, but give each person their own account so that MySQL could enforce a second layer of security, but I had not been thinking of people trying to subvert the system by bypassing the application. I think I'll reconsider my design. Also, now that version 5 is out, I'll have to think about moving at least some of the rules into triggers so they can't be bypassed. >Most applications require periodic updates anyway (new rules, >new screens, requested changes, etc). It should be possible to >enforce consistent upgrades by changing the application >passwords during each update cycle. That way, you can make sure >that v1.1.13 no longer connects while v1.1.15 or better still >can. Depending on the complexity of your business rules and the >ever-changing nature of business, having version specific >application accounts may be the easiest option to ensure that >the "rules-du-jour" are being properly followed. Good point. >There are various ways to obfuscate the passwords you use in >various versions of each application. Do not leave your >passwords in plain-text in any application leaving your direct >supervision (as in a desktop rollout). Also, if the application >and the database are using a networked connection on an open >network, you should probably encrypt the link (SSL is built >into the MySQL protocols). Even with that said I know that No >program is un-crackable. All you need to achieve is reasonable >security for the application and the sensitivity of your data. I'm going to have to use SSL (or something similar) because plaintext passwords are not allowed on our network, but I haven't gotten that far in my planning. >Shawn Green > Database Administrator > Unimin Corporation - Spruce Pine Thanks for the input. -- John Hoover [EMAIL PROTECTED] 301-890-6932 (H) 202-767-2335 (W) -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
