| Subject | Re: [firebird-support] Deny acces to the user view objects |
|---|---|
| Author | Gustavo Moda |
| Post date | 2009-03-13T13:11:33Z |
2009/3/13 Martijn Tonies <m.tonies@...>
My clients have accessed to SELECT in tables of database, but to
insert, update, delete, drop the objects is denied.
They are seing procedures and trigger, and can understand some
business rules of my software.
Then, exploring source code, they can manipulate some informations.
How can I get better security in the database?
Regards
>Hi, thanks for asnwer.
> Hi,
>
> > I would like to deny access to the user the view ddl of objects the
> > database
> > (views, procedures, tables) and list only objects granted.
> >
> > Is it possible?
>
> No, that is, tables etc can always be viewed, the actual Stored Procedure,
> Trigger, View and Check Constraint code can be removed from the database
> by updating the system tables.
>
> With regards,
My clients have accessed to SELECT in tables of database, but to
insert, update, delete, drop the objects is denied.
They are seing procedures and trigger, and can understand some
business rules of my software.
Then, exploring source code, they can manipulate some informations.
How can I get better security in the database?
Regards