microsoft.public.inetserver.asp.db

2 Answers

michael

9/21/2007 9:00:00 PM

0

Hope you're still watching this thread.

After thinking about this for a bit, it seems that the whole idea of using
TableAdapters, because of the direct access to the base tables, has a serious
security flaw. Since these objects don't operate through SPs (and therefore
you can't control security at this level) user access is determined by their
SQL Server credentials or the application's logon/pw. If the SQL credentials
allow DELETE, there's nothing to prevent a user from using SSMS and wiping out
data. If the user can extract the application's logon/pw from the code, the
same thing is possible.

If my assumption is correct, then I'm sort of surprised that MS would
promote this kind of architecture to end user developers.

Unless they put a whole lot of faith in the ability of obfuscation to
protect an application's logon/pw.

--
Michael


"William Vaughn" wrote:

> There are several approaches that can be taken--this is what I recommend for many applications:
> a. Do not expose base tables at all. This is the foundation of the remaining strategies.
> b. Create Views that return focused subsets of the tables as needed by the applications, but do not grant "write" access.
> c. Create stored procedures that manage the changes to the base tables. Since many operations involve more than a single table, these procedures can deal with the complexities of managing business rules and RI. Grant access to these SPs to specific accounts created specifically for the applications that invoke them.
> d. Create user accounts for the application--not the individual. That way the user need not know what credentials are used to gain access to the data. If the credentials are discovered, all they can do is run specific SPs that carefully guard the data and do not permit gross operations like dropping tables or changing rights.
> e. Manage user access to the applications through your own means using Windows authentication with login rights management that has no correlation to the rights granted to the application. For example Sam clerk signs in to Windows and runs the accounting application which asks him to log in. These credentials are validated by the application and grant Sam specific rights and enable portions of the application that only apply to him. When Sam is fired or moves on, you simply drop him from the list of valid accounts. This approach also permits you to log all of Sam's operations and grant him just the rights he needs--and no more.
> I discuss this at length in my book.
>
> hth
>
> --
> ____________________________________
> William (Bill) Vaughn
> Author, Mentor, Consultant, Dad, Grandpa
> Microsoft MVP
> INETA Speaker
> www.betav.com
> www.betav.com/blog/billva
> Please reply only to the newsgroup so that others can benefit.
> This posting is provided "AS IS" with no warranties, and confers no rights.
> __________________________________
> Visit www.hitchhikerguides.net to get more information on my latest book:
> Hitchhiker's Guide to Visual Studio and SQL Server (7th Edition)
> and Hitchhiker's Guide to SQL Server 2005 Compact Edition (EBook)
> -----------------------------------------------------------------------------------------------------------------------
>
> "michael" <michael@discussions.microsoft.com> wrote in message news:8029BF55-5287-44FF-9158-D83C181CC6E3@microsoft.com...
> > What's the best way of having a .NET application interact with SQL server
> > without compromising security? Here's my issue:
> >
> > Let's say you want a user to be able to read, write, and delete records from
> > a SQL Server table. It's simple enough to give the user logon credentials on
> > SQL Server allowing them to do just that. Then, a .NET application can use
> > those credentials to consume the data. But let's say that same user has some
> > savvy and uses his/her credentials with SQL Server Management Studio for the
> > purposes of evil?
> >
> > Alternatively, you could use your own credentials to logon to the SQL Server
> > from within the application preventing the user from using a tool like SSMS.
> > However, then you're storing your credentials within application code which
> > could be dissected and recovered (unless obfuscated).
> >
> > Or maybe write a "middle tier" that alone interacts with the SQL Server. The
> > application would only have to leverage the middle tier's own security scheme
> > and not SQL Server's.
> >
> >
> > What's the best way?
> > --
> > Michael
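The five-point scheme Vaughn quotes above (no base-table access, read-only views, stored procedures for every change, one application account, logging by application-level user) worked through as an added T-SQL script. This is an illustrative example, not code from the thread or from Vaughn's book; the `dbo.Orders` and `dbo.OrderAudit` tables, the `dbo.vOpenOrders` view, the `dbo.usp_CloseOrder` procedure, the `accounting_app` login and the password placeholder are all constructed for this illustration. The closing block impersonates the application user to confirm what a leaked application credential could and could not do, which is the check a reviewer would want before trusting the design.

```sql
-- Constructed schema: base tables the application must never touch directly.
CREATE TABLE dbo.Orders (
    OrderId    INT IDENTITY PRIMARY KEY,
    CustomerId INT NOT NULL,
    Amount     DECIMAL(12, 2) NOT NULL,
    Status     VARCHAR(20) NOT NULL DEFAULT 'open'
);
CREATE TABLE dbo.OrderAudit (
    AuditId  INT IDENTITY PRIMARY KEY,
    OrderId  INT NOT NULL,
    Action   VARCHAR(20) NOT NULL,
    AppUser  SYSNAME NOT NULL,            -- the person using the app (e.g. Sam), not the SQL login
    SqlLogin SYSNAME NOT NULL DEFAULT SUSER_SNAME(),
    At       DATETIME2 NOT NULL DEFAULT SYSUTCDATETIME()
);
GO

-- b. A view that exposes only the focused subset the application needs. No write
--    rights are ever granted on it.
CREATE VIEW dbo.vOpenOrders AS
    SELECT OrderId, CustomerId, Amount
    FROM dbo.Orders
    WHERE Status = 'open';
GO

-- c. Every change goes through a procedure that enforces the business rule
--    (only an open order can be closed) and writes the audit row in the same
--    transaction. Because procedure and tables share the dbo owner, ownership
--    chaining lets the caller run it without any rights on the tables themselves.
CREATE PROCEDURE dbo.usp_CloseOrder
    @OrderId INT,
    @AppUser SYSNAME
AS
BEGIN
    SET NOCOUNT ON;
    BEGIN TRANSACTION;
        UPDATE dbo.Orders
        SET Status = 'closed'
        WHERE OrderId = @OrderId AND Status = 'open';

        IF @@ROWCOUNT = 0
        BEGIN
            ROLLBACK TRANSACTION;
            THROW 50001, 'Order not found or not open.', 1;
        END

        INSERT dbo.OrderAudit (OrderId, Action, AppUser)
        VALUES (@OrderId, 'close', @AppUser);
    COMMIT TRANSACTION;
END
GO

-- d. One login and user for the application, not one per person.
--    The password is a placeholder to be replaced before use.
CREATE LOGIN accounting_app WITH PASSWORD = '<placeholder-strong-password>';
CREATE USER accounting_app FOR LOGIN accounting_app;
GO

-- a. No base-table rights at all: accounting_app is deliberately not added to
--    db_datareader or db_datawriter. It receives only SELECT on the view and
--    EXECUTE on the procedure.
GRANT SELECT  ON dbo.vOpenOrders   TO accounting_app;
GRANT EXECUTE ON dbo.usp_CloseOrder TO accounting_app;
GO

-- Verification: impersonate the application user and ask the server what that
-- credential can do. This is what someone who recovered the login/pw from the
-- application would be limited to.
EXECUTE AS USER = 'accounting_app';
SELECT HAS_PERMS_BY_NAME('dbo.Orders',        'OBJECT', 'DELETE')  AS can_delete_orders,
       HAS_PERMS_BY_NAME('dbo.Orders',        'OBJECT', 'SELECT')  AS can_read_orders,
       HAS_PERMS_BY_NAME('dbo.vOpenOrders',   'OBJECT', 'SELECT')  AS can_read_view,
       HAS_PERMS_BY_NAME('dbo.usp_CloseOrder','OBJECT', 'EXECUTE') AS can_run_proc;
REVERT;
GO
```

Run against a scratch database, the final query reports no DELETE and no SELECT on the base table for the application user, while the view and the procedure are permitted. Point (e) from the list lives in the application, not the database: the application authenticates Sam itself and passes his name as `@AppUser`, so the audit trail records who acted even though every session shares the `accounting_app` login; dropping Sam from the application's own account list revokes his access without touching SQL Server rights.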

William Vaughn

9/21/2007 10:46:00 PM

0

You're working under the assumption that TableAdapters need to be sourced
from base tables--they don't. See my article
http://www.developer.com/db/article.p... that shows how to put
together a hierarchical TableAdapter using SPs. No, it's not as easy as it
should be, and virtually every demo you see will use base tables, but it can
(and should) be done. The other pundits and I have been on their case for a
decade to support SPs in these tools. They're getting closer, but remember
that many of their customers are using toy/home databases where SPs don't
really make much sense or aren't supported.

hth

--
____________________________________
William (Bill) Vaughn
Author, Mentor, Consultant, Dad, Grandpa
Microsoft MVP
INETA Speaker
www.betav.com
www.betav.com/blog/billva
Please reply only to the newsgroup so that others can benefit.
This posting is provided "AS IS" with no warranties, and confers no rights.
__________________________________
Visit www.hitchhikerguides.net to get more information on my latest book:
Hitchhiker's Guide to Visual Studio and SQL Server (7th Edition)
and Hitchhiker's Guide to SQL Server 2005 Compact Edition (EBook)
-----------------------------------------------------------------------------------------------------------------------

"michael" <michael@discussions.microsoft.com> wrote in message
news:21E98694-2E7A-4A7B-A7C6-C8AFB0E942B7@microsoft.com...