>> Perhaps just the perspective from the apps I am involved with. These web apps have to have access to all the sensitive data because
>> that's just what they do.
>> We process financial data, trades etc., online.

Actually, those are the same types of apps I work on. Like you I give this stuff a lot of thought.

>> OK, after having thought about this during my roller ski <snipped>

I agree you've added an extra layer here for access to the database. Nevertheless, if the web server is compromised, if direct access is from web to db either through a machine, domain or sql server account, the attacker will be able to get at it with differing levels of difficulty depending on which authentication is used. That's why so many banks mandate a middle tier behind the DMZ. At my last place we did something a little different, which I'm thinking I probably shouldn't discuss any more. :)

>> The next most vulnerable would be passwords <snipped> <<

Right, in your scenario instead of going directly to the database you'd first have to figure out the connection string protection. My opinion is that is pretty thin; it's an extra layer, but pretty thin.

>> I'm not sure where the full access assumption came from.
>> See above...

I don't see anything above that says, "to make things simple make sure to give the NT account full access to the database". :) Nevertheless at the minimum dbreader and dbwriter, so he could happily go in and delete stuff all over the place. Same holds true for the protected connect string accessed through code on the compromised server.

>> True, but I think my point above is pretty solid. What do you think?

I think you've added another layer of indirection that may or may not add any difficulty to the attack. It may help or it may just add a false sense of security depending on what was done.

>> You may be right, it's been so long since I ran as a machine account, I don't recall the details any longer.

You can, and there is a whole camp that insists that this is the way to go. That's a whole other debate. :)
-- Bob

===================================
This list is hosted by DevelopMentor  http://www.develop.com

Some .NET courses you may be interested in:
Essential .NET: building applications and components with C#
November 29 - December 3, in Los Angeles
http://www.develop.com/courses/edotnet

View archives and manage your subscription(s) at http://discuss.develop.com
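An added illustration of the least-privilege point in the message above (it is not part of Bob's post or of anything else in the thread): on SQL Server, the db_datareader/db_datawriter pair the post mentions gives the web tier's account DELETE on every table, whereas a role that holds only EXECUTE on the procedures the application calls does not. The database, table, login and procedure names below are placeholders chosen for the example; the EXECUTE AS block at the end is the check a DBA would run to confirm what the web tier's identity can actually do. The syntax targets SQL Server 2012 or later (ALTER ROLE ... ADD MEMBER).

```sql
-- Constructed example: a small database with one table and one procedure
-- the web tier needs. Names are placeholders, not from any real system.
CREATE DATABASE TradesDemo;
GO
USE TradesDemo;
GO
CREATE TABLE dbo.Trades (
    TradeId INT IDENTITY(1,1) PRIMARY KEY,
    Symbol  SYSNAME        NOT NULL,
    Qty     INT            NOT NULL,
    Price   DECIMAL(18, 4) NOT NULL
);
GO
-- The only write path the application is meant to have.
CREATE PROCEDURE dbo.usp_InsertTrade
    @Symbol SYSNAME, @Qty INT, @Price DECIMAL(18, 4)
AS
BEGIN
    SET NOCOUNT ON;
    INSERT INTO dbo.Trades (Symbol, Qty, Price) VALUES (@Symbol, @Qty, @Price);
END
GO
-- Identity the web tier connects as. For a machine or domain account this
-- would instead be CREATE LOGIN [DOMAIN\WebSvc] FROM WINDOWS; the password
-- below is a placeholder.
CREATE LOGIN WebAppLogin WITH PASSWORD = 'placeholder-change-me-1!';
CREATE USER WebAppUser FOR LOGIN WebAppLogin;
GO
-- Weak setting (the one discussed in the thread): db_datawriter alone
-- carries INSERT, UPDATE and DELETE on every table in the database, so a
-- compromised web server can wipe the table directly. Left commented out.
-- ALTER ROLE db_datareader ADD MEMBER WebAppUser;
-- ALTER ROLE db_datawriter ADD MEMBER WebAppUser;

-- Corrected setting: a dedicated role with EXECUTE on specific procedures
-- only. Ownership chaining (dbo owns both the procedure and the table)
-- lets the procedure's INSERT run without granting INSERT on the table.
CREATE ROLE WebAppRole;
GRANT EXECUTE ON OBJECT::dbo.usp_InsertTrade TO WebAppRole;
ALTER ROLE WebAppRole ADD MEMBER WebAppUser;
GO
-- Verification from the web tier's point of view: impersonate the user
-- and try each operation. Each statement is its own batch so a denied
-- statement does not stop the ones after it.
EXECUTE AS USER = 'WebAppUser';
GO
-- Allowed: the sanctioned write path.
EXEC dbo.usp_InsertTrade @Symbol = N'ACME', @Qty = 100, @Price = 12.3400;
GO
-- Denied: WebAppRole holds no DELETE permission on dbo.Trades.
DELETE FROM dbo.Trades;
GO
-- Denied: no SELECT permission either, so the table cannot be dumped
-- wholesale through this account.
SELECT * FROM dbo.Trades;
GO
REVERT;
GO
```

This narrows what a compromised web server can do through the application's own credentials; it does not remove the objection Bob raises, because whatever the role can execute, the attacker holding the web tier can execute too. The middle tier behind the DMZ that the thread describes is what takes the remaining capability off the web server altogether.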
