On Sep 5, 2006, at 9:16 AM, Vassilis Aggelakos wrote:
You're assuming that the password is stored in either an
unencrypted form
Definetely No. If you are a MySQL developer that knows what
function does the checking and returns .T. if we have a valid pwd
then you can easily modify the routine to return *always* .T.
Is it difficult?
Wait a second: you're assuming that you have complete write
privileges on the server, and can modify the software? Well, then
sure, of course you can do that. You can reformat the disk, too,
while you're at it.
Anyone who has full write privileges on the server can do just about
anything they want. No database password system is going to do much
good in that case.
-- Ed Leafe
-- http://leafe.com
-- http://dabodev.com
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://leafe.com/mailman/listinfo/profox
OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
