Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer
 
PerlMonks  

Re: Use placeholders. For SECURITY!

by mpeppler (Vicar)
on Nov 14, 2003 at 01:00 UTC ( #306987=note: print w/ replies, xml ) Need Help??


in reply to Use placeholders. For SECURITY!

Absolutely. The alternative at the database level can be to force all access via stored procedures, but even that doesn't necessarily protect you against this sort of problem.

At one client we have set up a fairly elaborate security system where the front end servers hit a middle ware layer on a different server with a request that includes a service name and an MD5 key for that service, which gets validated in the database before the service is allowed to run. This should prevent unauthorized hosts from connecting to the database directly, and from attempting to execute unauthorized database requests (I say "should" because we all know that all software has bugs...). It costs us in terms of performance (for each database request there are multiple round-trips to the database to validate the request, etc.), but preserving the integritiy of our data is essential.

Michael


Comment on Re: Use placeholders. For SECURITY!

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://306987]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (8)
As of 2014-09-01 19:22 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite cookbook is:










    Results (16 votes), past polls