RE: how do i encrypt the .frm file with a password
David I suggest you need to go back to first principles on Unix security, applications, and Mysql users. Firstly and Mysql user is not necessarily a Unix user and vica-versa. The simplest way to prevent anyone being able to access a file in Unix is simply to remove the relevant permissions from the file. If you have Mysql running under the user mysql and you set the permissions as 700 (rwx --- ---) on the database directories and files then only the mysql user, which the mysqld deamon runs as has permission to access them. If it's simply a case of protecting tables then you just need to grant the appropriate permissions to that Mysql user. Removing update privilege means they can't change anything, removing delete privilege means they can't remove anything, removing insert privilege means they can't add anything, and removing select privilege means they can't access the table. Kevin Cowley RD Tel: 0118 902 9099 (direct line) Email: [EMAIL PROTECTED] Web: http://www.alchemetrics.co.uk -Original Message- From: David Crane [mailto:[EMAIL PROTECTED] Sent: 11 May 2004 17:45 To: [EMAIL PROTECTED] Subject: how do i encrypt the .frm file with a password I need to provide some security to a database that I am working on. This database will be distributed and I need to prevent users from being able to simply copy the files and being able to have complete access to it. I want to do this: Encrypt the `.frm' file with a password. This option doesn't do anything in the standard MySQL version. (http://dev.mysql.com/doc/mysql/en/CREATE_TABLE.html) I have recompiled mysql to enable 64 indexes on a table. So, recompiling it is not a problem. Do I need a custom version or MaxDB? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] ** ALCHEMETRICS LIMITED (ALCHEMETRICS) Mulberry Park, Fishponds Road, Wokingham, Berkshire, RG41 2GX Tel: +44 (0) 118 902 9000Fax: +44 (0) 118 902 9001 This e-mail is confidential and is intended for the use of the addressee only. If you are not the intended recipient, you are hereby notified that you must not use, copy, disclose, otherwise disseminate or take any action based on this e-mail or any information herein. If you receive this transmission in error, please notify the sender immediately by reply e-mail or by using the contact details above and then delete this e-mail. Please note that e-mail may be susceptible to data corruption, interception and unauthorised amendment. Alchemetrics does not accept any liability for any such corruption, interception, amendment or the consequences thereof. ** -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: how do i encrypt the .frm file with a password
At 12:45 -0400 5/11/04, David Crane wrote: I need to provide some security to a database that I am working on. This database will be distributed and I need to prevent users from being able to simply copy the files and being able to have complete access to it. I want to do this: Encrypt the `.frm' file with a password. This option doesn't do anything in the standard MySQL version. As far as I know, this was done long ago for one specific customer and is not generally implemented. -- Paul DuBois, MySQL Documentation Team Madison, Wisconsin, USA MySQL AB, www.mysql.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: how do i encrypt the .frm file with a password
This will be distributed on Windows computers and not unix/linux. David Crane [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I need to provide some security to a database that I am working on. This database will be distributed and I need to prevent users from being able to simply copy the files and being able to have complete access to it. I want to do this: Encrypt the `.frm' file with a password. This option doesn't do anything in the standard MySQL version. (http://dev.mysql.com/doc/mysql/en/CREATE_TABLE.html) I have recompiled mysql to enable 64 indexes on a table. So, recompiling it is not a problem. Do I need a custom version or MaxDB? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
RE: how do i encrypt the .frm file with a password
Which OS? Doesn't 2000/2000 pro allow you to run a service as one user with similar access restrictions but allow other users to connect to the service? Kevin Cowley RD Tel: 0118 902 9099 (direct line) Email: [EMAIL PROTECTED] Web: http://www.alchemetrics.co.uk -Original Message- From: David Crane [mailto:[EMAIL PROTECTED] Sent: 11 May 2004 18:21 To: [EMAIL PROTECTED] Subject: Re: how do i encrypt the .frm file with a password This will be distributed on Windows computers and not unix/linux. David Crane [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I need to provide some security to a database that I am working on. This database will be distributed and I need to prevent users from being able to simply copy the files and being able to have complete access to it. I want to do this: Encrypt the `.frm' file with a password. This option doesn't do anything in the standard MySQL version. (http://dev.mysql.com/doc/mysql/en/CREATE_TABLE.html) I have recompiled mysql to enable 64 indexes on a table. So, recompiling it is not a problem. Do I need a custom version or MaxDB? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] ** ALCHEMETRICS LIMITED (ALCHEMETRICS) Mulberry Park, Fishponds Road, Wokingham, Berkshire, RG41 2GX Tel: +44 (0) 118 902 9000Fax: +44 (0) 118 902 9001 This e-mail is confidential and is intended for the use of the addressee only. If you are not the intended recipient, you are hereby notified that you must not use, copy, disclose, otherwise disseminate or take any action based on this e-mail or any information herein. If you receive this transmission in error, please notify the sender immediately by reply e-mail or by using the contact details above and then delete this e-mail. Please note that e-mail may be susceptible to data corruption, interception and unauthorised amendment. Alchemetrics does not accept any liability for any such corruption, interception, amendment or the consequences thereof. ** -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: how do i encrypt the .frm file with a password
Since this database will be distributed, our users will be administrators. If they are able to copy the files to another computer and set up mysql themselves, they could get access to the entire database directly and export any or all data. Configuring the service to run as a different user would not prevent this. And, they would have access to the files as administrator. As I see it, the passwords for users are only used by the service itself and passwords are not applied to the files themselves. As for operating systems, we are going to support Windows NT, 2000, XP. David Crane [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I need to provide some security to a database that I am working on. This database will be distributed and I need to prevent users from being able to simply copy the files and being able to have complete access to it. I want to do this: Encrypt the `.frm' file with a password. This option doesn't do anything in the standard MySQL version. (http://dev.mysql.com/doc/mysql/en/CREATE_TABLE.html) I have recompiled mysql to enable 64 indexes on a table. So, recompiling it is not a problem. Do I need a custom version or MaxDB? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
RE: how do i encrypt the .frm file with a password
if the data is the concern, not the data structure, why not encrypt the data itself? -Original Message- From: David Crane [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 11, 2004 2:15 PM To: [EMAIL PROTECTED] Subject: Re: how do i encrypt the .frm file with a password Since this database will be distributed, our users will be administrators. If they are able to copy the files to another computer and set up mysql themselves, they could get access to the entire database directly and export any or all data. Configuring the service to run as a different user would not prevent this. And, they would have access to the files as administrator. As I see it, the passwords for users are only used by the service itself and passwords are not applied to the files themselves. As for operating systems, we are going to support Windows NT, 2000, XP. David Crane [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I need to provide some security to a database that I am working on. This database will be distributed and I need to prevent users from being able to simply copy the files and being able to have complete access to it. I want to do this: Encrypt the `.frm' file with a password. This option doesn't do anything in the standard MySQL version. (http://dev.mysql.com/doc/mysql/en/CREATE_TABLE.html) I have recompiled mysql to enable 64 indexes on a table. So, recompiling it is not a problem. Do I need a custom version or MaxDB? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: how do i encrypt the .frm file with a password
Exactly. Think HIPAA and the methods used to secure data from the priying eyes of DBAs (supposedly) under HIPAA/Security. Dan Greene wrote: if the data is the concern, not the data structure, why not encrypt the data itself? -Original Message- From: David Crane [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 11, 2004 2:15 PM To: [EMAIL PROTECTED] Subject: Re: how do i encrypt the .frm file with a password Since this database will be distributed, our users will be administrators. If they are able to copy the files to another computer and set up mysql themselves, they could get access to the entire database directly and export any or all data. Configuring the service to run as a different user would not prevent this. And, they would have access to the files as administrator. As I see it, the passwords for users are only used by the service itself and passwords are not applied to the files themselves. As for operating systems, we are going to support Windows NT, 2000, XP. David Crane [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I need to provide some security to a database that I am working on. This database will be distributed and I need to prevent users from being able to simply copy the files and being able to have complete access to it. I want to do this: Encrypt the `.frm' file with a password. This option doesn't do anything in the standard MySQL version. (http://dev.mysql.com/doc/mysql/en/CREATE_TABLE.html) I have recompiled mysql to enable 64 indexes on a table. So, recompiling it is not a problem. Do I need a custom version or MaxDB? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: how do i encrypt the .frm file with a password
I was considering encrypting the data itself. However, that would impact performance and our ability to compress it. We are using access now and it is a 5 cd install. I was hoping I could get away with password protecting the files to provide some security. David Crane [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I need to provide some security to a database that I am working on. This database will be distributed and I need to prevent users from being able to simply copy the files and being able to have complete access to it. I want to do this: Encrypt the `.frm' file with a password. This option doesn't do anything in the standard MySQL version. (http://dev.mysql.com/doc/mysql/en/CREATE_TABLE.html) I have recompiled mysql to enable 64 indexes on a table. So, recompiling it is not a problem. Do I need a custom version or MaxDB? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: how do i encrypt the .frm file with a password
How would password protecting without encrypting it be meaningful? (Answer: It wouldn't) Look at PGP/GPG encryption, as an example of private/public key encryption. Feed the encryption program uncompressed data and get either keyed or password protected data that is encrypted and compressed. This isn't a MySQL issue, strictly speaking, but I hope this helps you find an answer. references: http://www.pgp.com http://gnupg.org Robert J Taylor [EMAIL PROTECTED] David Crane wrote: I was considering encrypting the data itself. However, that would impact performance and our ability to compress it. We are using access now and it is a 5 cd install. I was hoping I could get away with password protecting the files to provide some security. David Crane [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I need to provide some security to a database that I am working on. This database will be distributed and I need to prevent users from being able to simply copy the files and being able to have complete access to it. I want to do this: Encrypt the `.frm' file with a password. This option doesn't do anything in the standard MySQL version. (http://dev.mysql.com/doc/mysql/en/CREATE_TABLE.html) I have recompiled mysql to enable 64 indexes on a table. So, recompiling it is not a problem. Do I need a custom version or MaxDB? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
