Subject | RE: [ib-support] Metadata opinions appreciated |
---|---|
Author | Alan McDonald |
Post date | 2003-03-03T08:08:40Z |
someone has to be the administrator of the server. They have to be trusted
with this task. But the server needs to be protected. I mentioned there was
some other tricks that could use on the security database, it's best to have
a complete understanding of it before you attempt any (and always keep a
backup). And yes, the database does have some internal means of protecting
(validating data) but there's never any real protection against someone who
is given permission to do something and totally abuses their trust.
Alan
-----Original Message-----
From: Cassandra Harley [mailto:cass.harley@...]
Sent: Monday, 3 March 2003 7:05 PM
To: ib-support@yahoogroups.com
Subject: RE: [ib-support] Metadata opinions appreciated
Maybe not 'corrupt' the database in an unusable way, but certainly you could
bypass and checks that the programmer had written into the application.
ie test that a TFN is valid (via certain formulaes) before allowing it into
the database.
I guess it could be argued that it is up to the programmer of the original
application to ensure the database is correctly designed. ie a well designed
database should be able to avoid these traps??
To unsubscribe from this group, send an email to:
ib-support-unsubscribe@egroups.com
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
with this task. But the server needs to be protected. I mentioned there was
some other tricks that could use on the security database, it's best to have
a complete understanding of it before you attempt any (and always keep a
backup). And yes, the database does have some internal means of protecting
(validating data) but there's never any real protection against someone who
is given permission to do something and totally abuses their trust.
Alan
-----Original Message-----
From: Cassandra Harley [mailto:cass.harley@...]
Sent: Monday, 3 March 2003 7:05 PM
To: ib-support@yahoogroups.com
Subject: RE: [ib-support] Metadata opinions appreciated
>The cons of course would be that I could corrupt the database, and gethuh! Did I just write 'newbie' across my forehead?
>access to data that the original programmer never intended that I see.
>
>corrupt the database? how so?
Maybe not 'corrupt' the database in an unusable way, but certainly you could
bypass and checks that the programmer had written into the application.
ie test that a TFN is valid (via certain formulaes) before allowing it into
the database.
I guess it could be argued that it is up to the programmer of the original
application to ensure the database is correctly designed. ie a well designed
database should be able to avoid these traps??
To unsubscribe from this group, send an email to:
ib-support-unsubscribe@egroups.com
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/