| Subject | RE: [IBDI] Internet |
|---|---|
| Author | Claudio Valderrama C. |
| Post date | 2001-06-06T03:14:16Z |
> -----Original Message-----If you don't register them or even if you register them, it doesn't mean you
> From: Peter Morris [mailto:pmorris@...]
> Sent: Martes 5 de Junio de 2001 12:34
>
> I think both DBs are incorrect, MS SQL should not show the other databases
> unless you register them,
can log into them.
> but IB has the worst case where meta-dataWhat do you consider most valuable, your data or your metadata? The hacker
> (copyrighted information) is extractable without any access
> permission,
will know I have a table CUSTOMER with 8 fields... and SO WHAT?
> andThis is major and known design flaw. In general, metadata operations aren't
> the database may have new tables added !
protected.
> I am sure anyone in the slightest bit concerned (paranoid ?) about theirThis is a problem when you allow people from outside to connect to your db
> database security will agree with me that relying on the hacker not to
> "guess" where a database is is a bad idea. Unix permissions do not come
> into this as it may be a windows machine.
directly. Even the person using the most secure RDBMS would have doubts
about doing such thing.
C.