Subject | Re: [IB-Architect] providers rejects interbase for hosting |
---|---|
Author | Jim Starkey |
Post date | 2001-03-22T13:24:56Z |
At 10:43 AM 3/22/01 +0200, Vince Duggan wrote:
>Dmitry,
>
>I can see their problem, but one should not allow anyone direct access to the
>database. If you do not have direct access, then you cannot execute the commands
>to create tables, databases etc. All database access is 'hidden' in the web app,
>i.e by using PHP, Perl or something similar.
>
>It is simple enough to prevent anyone from connecting directly to the database
>from outside: block port 3050 for example.
>
>If someone can hack in and execute commands directly on the database, then there
>is another security problem. InterBase is not the problem in this case.
>
Whether or not allowing physical access to 3050 is a good idea,
everything that a server is capable of doing should be under
security control, specifically including database and table
creation. Security is not robust until it is "provably"
correct (I don't actually believe for a whit that provability
means anything, but provably insecure is something else).
Or, to apply another test, when a potential customer tells you
he can't use your product, believe him.
Jim Starkey