On Wednesday 26 November 2003 13:22, Curley, Thomas wrote: > Another Assumption > ------------------ > Encrypting / decrypting all data on the fly would be too expensive and > grind the app to a halt > > So the question again :- > > Any ideas on how to avoid having data files stored with absolutely no > protection against copying ????
To look at it from another angle (and address the 'shouldn't be on the internet' issue), take the case of a webserver that has a script that can access the SQL server. Said SQL server is on a private, internal only network, with no access to the internet. Said script has a username and password that can read 'private' data. Someone is able to see the source if the script, and now has the username and password (assumption: the viewing is done from a local shell). How is having the SQL server hidden from the internet a benefit? So long as you provide any mechanism to access the server, you cannot consider the server data to be private, unless you redefine the word private. If you want to keep data on an SQL server, and not let people copy the database, then don't give them a login on the SQL server, and don't give them a username/password for connecting to the SQL engine. How do you stop someone from copying a piece of paper in an office? You lock it away from them. Or them from it. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
