At 08:24 PM 7/05/2004 -0600, you wrote:

>The only thing that is actual security is the
>username/password system preventing illicit access.

And anyone depending on an 8-byte password for security wants his head read.

>I recall several hosting places (like multimania / lycos) complaining they
>didn't want
>firebird/interbase on their servers (with, instead of mysql) because
>anyone with a valid
>username/password could look at the metadata (though not the data) of
>other users' databases.

Which isn't true - unless they chose to leave the SYSDBA password as
'masterkey'. Nevertheless, if they chose to expose their servers to
brute-force attack, it would be neither here nor there.

>They seemed to think that at least "trade secrets" (or somesuch) would
>become exposed (metadata is data, thus valuable.)

If I protect my metadata with SQL permissions, you can't read it unless you
can find out the server's SYSDBA password or a username and password that
has permissions in my database. The problem on co-hosting services is
that, if they give the SYSDBA password to all of their customers, then all
of their customers can look at one another's data - both user and
metadata. The solution is pretty easy: if you're shopping for a hosting
service, don't choose a service that lets you have the SYSDBA
password. They clearly don't know what they're doing. And if you're the
customer, it behoves you to take care of object ownership and SQL privs -
what's created as defaults by CREATE DATABASE isn't enough if others have
high access to the server you're running it on.

However, you have no protection from the staff of the hosting service, no
matter what you do. There's the rub. Whom can you trust, really?

/heLen