Schema

David Merrill dmerrill@lupercalia.net
Wed, 13 Dec 2000 19:37:13 -0500 

On Wed, Dec 13, 2000 at 05:31:55PM -0600, Patrick Spinler wrote:
> David Merrill wrote:
> > 
> > > Most database support auth'ing database users against the OS's auth
> > > method.  Essentially, once you've logged into the system, as long as
> > > you're listed as a valid database user, you're okay.  I suggest we use
> > > this method.
> > 
> > The downside of that is the maintenance of the user accounts. Probably not an
> > issue now that I think about it. It is a very common way of writing database
> > apps for Windows, but I'm really not entirely sure why. Maybe because of some
> > Windows bletcherousness.
> > 
> > Oh, now I remember. It's because of how screwy the OS-to-SQL authorization is in
> > Windows. More bugs than 2 week old roadkill.
> 
> The downside that I see is that even though following this method makes
> using a dbms on the same machine easier (argueably), it makes a hash of
> security and administration if your dbms is on a different machine than
> your client.  (both client & server would need to use the same, secure
> authentication so that the server can _trust_ that the user is who the
> client says it is, and if the pipe between server and client is
> encrypted.)
> 
> For the server and client on the same machine, this method provides a
> reasonable expectation of privacy for the database - file protections
> stop raw access to the file, and database user auth'ing stops people
> running a database engine against it.
> 
> For a first implementation this is probably okay, since people on this
> list are talking about using an embedded or "sandboxed" database that
> would be under complete control of the application, and transparent to
> the user.

True, security is a lot easier when everything's local.

If the client accesses the server via ssh and is then logged onto the
database using their user account on the db machine, where are the
weaknesses? Where is it vulnerable?

I'm not a Linux security expert, although I try to learn as much as I can
just to stay safe in this wacky world.


-- 
Dr. David C. Merrill                     http://www.lupercalia.net
Linux Documentation Project                dmerrill@lupercalia.net
Collection Editor & Coordinator            http://www.linuxdoc.org
                                       Finger me for my public key

Confidant, confidante, n:
	One entrusted by A with the secrets of B, confided to himself by C.
		-- Ambrose Bierce, "The Devil's Dictionary"