Subject Re: [firebird-support] Guys! I got it! - Re: Avoiding hard-coding db pass in app - without using db users
Author Doug Chamberlin
No major holes I can see.

Seems the weakest point is the decryption of the final password that is
returned from the database. You will have to store the decryption key in
the application and that might be easier to discover than you would like.

The other weakness is the elaborate nature of the entire scheme. Lots of
places for maintenance and, therefore, mistakes to be made.

No matter how you do it, I think the pivotal point is to obtain
something from the legitimate user (a username and pass phrase) and use
that, and only that, to unlock data that yields additional access. This
can be a series of unlocking steps that bootstrap your way to full
access, but the important point is that something is obtained that is
NOT STORED ANYWHERE in order for this unlocking chain of events to succeed.

Good luck working it out!
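
The principle in the message above, as an added example that is not part of the original post: the database password is stored only in wrapped form, and the key that unwraps it is derived from the user's pass phrase at login, so no decryption key sits in the application. The function names, the PBKDF2 iteration count and the sample values are assumptions, and the HMAC-SHA256 keystream stands in for an AEAD such as AES-GCM so that the example needs only the standard library.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed PBKDF2 work factor; tune for your hardware


def _derive_keys(passphrase, salt):
    """Stretch the pass phrase into an encryption key and a MAC key."""
    okm = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                              salt, ITERATIONS, dklen=64)
    return okm[:32], okm[32:]


def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode (stand-in for a real AEAD cipher)."""
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap_secret(passphrase, secret):
    """Build the per-user record that gets stored. It holds no key."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive_keys(passphrase, salt)
    stream = _keystream(enc_key, nonce, len(secret))
    ct = bytes(a ^ b for a, b in zip(secret, stream))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "ct": ct, "tag": tag}


def unwrap_secret(passphrase, rec):
    """Recover the secret; fails closed on a wrong pass phrase or tampering."""
    enc_key, mac_key = _derive_keys(passphrase, rec["salt"])
    expected = hmac.new(mac_key, rec["nonce"] + rec["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, rec["tag"]):
        raise ValueError("wrong pass phrase or tampered record")
    stream = _keystream(enc_key, rec["nonce"], len(rec["ct"]))
    return bytes(a ^ b for a, b in zip(rec["ct"], stream))


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    record = wrap_secret("constructed pass phrase", b"constructed-db-password")
    print(unwrap_secret("constructed pass phrase", record))
```

The same two functions can be chained: the unwrapped value of one record can serve as the pass phrase for the next, giving the series of unlocking steps the message describes.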