Subject Re: [IBDI] Internet
Author John Culleton
Peter Morris wrote:

>> I don't know what isp's usually provide. I would think if one lets you
> run
>> a database they would also give you a ssh shell account you could
>> administer it from. Does this address the problem you are trying to
> solve?
> Hi
> However the ISP would decide to allow access to the database, they would
> need to allow me to administer it remotely in some form or other. If this
> database server is shared with other customers then I will be able to get
> information on their databases (meta data etc) providing I can register
> their databases.
> My question is
> A) Is it easy for someone to check which databases are available ?
> B) If it isn't then there should be no problem, but if it is then is it
> possible to stop people without authorisation from extracting my meta-data ?
> Pete

AFAIK only the SYSDBA and the table owner can extract the
metadata. Read the references to permissions and security in the
Interbase docs if you have them.

On a Unix/Linux web host it is easy to prevent users from even seeing
the particular dbms through file and directory permissions.

On an Apache server setup you could allow users access only through an
html page which calls a cgi program. You write the cgi program and put
the necessary passwords etc. in the cgi which itself would not be
readable by the user. Users cannot directly access the cgi-bin directory.

Bottom line there are lots of ways to lock things up tight. I think
three levels of protection are enough.

John Culleton