Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Protecting a Database
Message
From
10/05/2004 09:04:45
Michael Levy
Cincinnati, Ohio, United States
 
 
To
10/05/2004 05:40:20
Fabio Lunardon
Lunacom
Marostica, Italy
General information
Forum:
Microsoft SQL Server
Category:
Other
Title:
Re: Protecting a Database
Miscellaneous
Thread ID:
00902255
Message ID:
00902397
Views:
19
>yes, it is a design bug/lack.

huh?

It's hard to protect your data (regardless of the source, product, or vendor) when the "bad guy" has physical access to the machine - especially with, or close to, admin permissions.

If you're so worried about this, physically secure the server. I once dealt with a client that housed the server in a vault

>
>i think you dont understand what i'm saying... let say...uninstall sql server or stop the service manager .... i can copy the database files to another computer with sql server installed and attach the database files i can see all the sp,data,,,, in it...hope you understand
>
>
>yes, it is a design bug/lack.
>
>A SQL Database have not a inner application password,
>and a customer can use sp_attach_db for skip all the access restrictions.
>
>At this point it can see all the db structures, and with a public program decrypt all.
>
>It is like supplying to a contender the application with the code source.
>Fantastic!
>SQL Server is a Open Source developer enviroment.
Michael Levy
MCSD, MCDBA
ma_levy@hotmail.com
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform