Subject: Policy-Discussion
List archive
- From: Philipp Gühring <pg AT futureware.at>
- To: Policy-Discussion <cacert-policy AT lists.cacert.org>
- Subject: Re: [CAcert-Policy] What's the name for?
- Date: Sun, 31 Jul 2005 02:13:38 +0200
- List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
- List-id: Policy-Discussion <cacert-policy.lists.cacert.org>
- Organization: Futureware 2001
Hi,
> > Would the SQL server be secured on a third machine, with only network
> > connections allowed on the relevant port? I assume the only way to
> > protect data is to ensure that only certain queries can be run. As if
> > you comprimise the web server, you have all the passwords to connect to
> > the SQL server. I'm not sure how exactly the SQL server could be
> > secured, it needs more flexible access than the root key server.
>
> Some protection would be to use stored procedures for the queries and
> limit access from the webserver to the stored procedures (hmmm, does MySQL
> do stored procedure these days?) That way only predefined queries can be
> executed...
Hmm, having a "Middleware" that implements the Busines logic and secures
everything would be also an idea.
Doesn´t need to be implemented by stored procedures in the DB.
Regards,
Philipp Gühring
- [CAcert-Policy] What's the name for?, (continued)
- [CAcert-Policy] What's the name for?, Ian Grigg, 07/21/2005
- Re: [CAcert-Policy] What's the name for?, Duane, 07/21/2005
- Re: [CAcert-Policy] What's the name for?, Ian Grigg, 07/21/2005
- Re: [CAcert-Policy] What's the name for?, Philipp Gühring, 07/22/2005
- Re: [CAcert-Policy] What's the name for?, Ian Grigg, 07/26/2005
- Re: [CAcert-Policy] What's the name for?, Russell Smith, 07/22/2005
- Re: [CAcert-Policy] What's the name for?, Duane, 07/22/2005
- Re: [CAcert-Policy] What's the name for?, Russell Smith, 07/23/2005
- Re: [CAcert-Policy] What's the name for?, Ian Grigg, 07/27/2005
- Re: [CAcert-Policy] What's the name for?, Jac Kersing, 07/27/2005
- Re: [CAcert-Policy] What's the name for?, Philipp Gühring, 07/31/2005
- Re: [CAcert-Policy] What's the name for?, Philipp Gühring, 07/22/2005
- Re: [CAcert-Policy] What's the name for?, Peter Williams, 07/24/2005
- Re: [CAcert-Policy] What's the name for?, Ian Grigg, 07/25/2005
- RE: [CAcert-Policy] What's the name for?, Peter Williams, 07/26/2005
- Re: [CAcert-Policy] What's the name for?, Ian Grigg, 07/26/2005
- Re: [CAcert-Policy] What's the name for?, Ian Grigg, 07/21/2005
- Re: [CAcert-Policy] What's the name for?, Duane, 07/21/2005
- [CAcert-Policy] What's the name for?, Ian Grigg, 07/21/2005
- Re: [CAcert-Policy] What's the name for?, Ian Grigg, 07/25/2005
- Re: [CAcert-Policy] What's the name for?, Philipp Gühring, 07/29/2005
- Re: [CAcert-Policy] What's the name for?, Ian Grigg, 07/26/2005
- Re: [CAcert-Policy] What's the name for?, Philipp Gühring, 07/29/2005
- RE: [CAcert-Policy] What's the name for?, Peter Williams, 07/29/2005
- Re: [CAcert-Policy] What's the name for?, Ian Grigg, 07/29/2005
Archive powered by MHonArc 2.6.16.