Re: Database Security

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 18397
interpreted = N
texte = I thought you could just store you databases in the scripts/webcatalog/whatever (for NT)Ray At 11:12 AM 6/22/98 -0800, you wrote: >>My problem is that if the visitor to the site knows the URL to the >>database then they can view the complete database as a text file (see >>http://www.traderpub.com/TraderPub/BoatRVTrader/catalog.txt for an >>example of what I mean), this is not desirable. > >There are several easy solutions; unfortunately that site is not following >the recommendations for keeping databases secure. > >On a Macintosh, you can make a file un-downloadable by changing its >filetype to WWWOmega. WebCatalog does this automatically whenever it >writes a file to disk. > >On a PC, you would turn off the Read permissions of that directory. > >For both PC and Mac, you could change the database name to Catalog.db and >then set up a suffix mapping for *.db -> WebCatalog. This would let >WebCatalog intercept all URL requests and decide not to display that file >based on its extension of .db. > >Technical Support | ==== eCommerce and Beyond ==== >Pacific Coast Software | WebCatalog, WebMerchant, >11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMaster, >San Diego, CA 92128 | Typhoon >619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com/ > Webmaster Mind Information Systems http://www.mindinfo.com Associated Messages, from the most recent to the oldest:

    
  1. Re: Database Security Rev., (Kenneth Grome 2002)
  2. Re: Database Security Rev., (Donovan 2002)
  3. Re: Database Security Rev., (Kenneth Grome 2002)
  4. Re: Database Security Rev., (Jay Van Vark 2002)
  5. Re: Database Security Rev., (Donovan 2002)
  6. Re: Database Security Rev., (Stuart Tremain 2002)
  7. Re: Database Security Rev., (Jay Van Vark 2002)
  8. Re: Database Security Rev., (Donovan 2002)
  9. Re: Database Security Rev., (Andrew Simpson 2002)
  10. Re: Database Security Rev., (Donovan 2002)
  11. Re: Database Security Rev., (Jeff Logan 2002)
  12. Database Security Rev., (Donovan 2002)
  13. Re: Database Security (talk 1998)
  14. Re: Database Security (PCS Technical Support 1998)
  15. Re: Database Security (PCS Technical Support 1998)
  16. Re: Database Security (Kenneth Grome 1998)
  17. Database Security (Julian Clayton 1998)
  18. Re: Database Security (Raymond Hatch 1998)
I thought you could just store you databases in the scripts/webcatalog/whatever (for NT)Ray At 11:12 AM 6/22/98 -0800, you wrote: >>My problem is that if the visitor to the site knows the URL to the >>database then they can view the complete database as a text file (see >>http://www.traderpub.com/TraderPub/BoatRVTrader/catalog.txt for an >>example of what I mean), this is not desirable. > >There are several easy solutions; unfortunately that site is not following >the recommendations for keeping databases secure. > >On a Macintosh, you can make a file un-downloadable by changing its >filetype to WWWOmega. WebCatalog does this automatically whenever it >writes a file to disk. > >On a PC, you would turn off the Read permissions of that directory. > >For both PC and Mac, you could change the database name to Catalog.db and >then set up a suffix mapping for *.db -> WebCatalog. This would let >WebCatalog intercept all URL requests and decide not to display that file >based on its extension of .db. > >Technical Support | ==== eCommerce and Beyond ==== >Pacific Coast Software | WebCatalog, WebMerchant, >11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMaster, >San Diego, CA 92128 | Typhoon >619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com/ > Webmaster Mind Information Systems http://www.mindinfo.com Raymond Hatch

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

corrupted images (2002) starting news site + small store (2000) SPAM (OT) (2004) Site Builder & IE Mac (2004) Mixing and/or in searches (1998) WCS Newbie question (1997) Re1000002: Setting up shop (1997) Plugin or CGI or both (1997) snicker, snicker (1997) Webten + Webcat running smooth (1998) Checkboxes (1998) Caching [include] files ... (1997) select multiple 2 more cents (1997) TRAINING videos - Prove IT. (1998) Search Summary (2005) [WebDNA] Fwd: RETS... HELP! (2009) carriage returns in data (1997) quotes and truncating? (1997) RE: Signal Raised (1997) Random Number Generator works for Ranges of Numbers (1997)