Re: Database Security

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 18397
interpreted = N
texte = I thought you could just store you databases in the scripts/webcatalog/whatever (for NT)Ray At 11:12 AM 6/22/98 -0800, you wrote: >>My problem is that if the visitor to the site knows the URL to the >>database then they can view the complete database as a text file (see >>http://www.traderpub.com/TraderPub/BoatRVTrader/catalog.txt for an >>example of what I mean), this is not desirable. > >There are several easy solutions; unfortunately that site is not following >the recommendations for keeping databases secure. > >On a Macintosh, you can make a file un-downloadable by changing its >filetype to WWWOmega. WebCatalog does this automatically whenever it >writes a file to disk. > >On a PC, you would turn off the Read permissions of that directory. > >For both PC and Mac, you could change the database name to Catalog.db and >then set up a suffix mapping for *.db -> WebCatalog. This would let >WebCatalog intercept all URL requests and decide not to display that file >based on its extension of .db. > >Technical Support | ==== eCommerce and Beyond ==== >Pacific Coast Software | WebCatalog, WebMerchant, >11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMaster, >San Diego, CA 92128 | Typhoon >619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com/ > Webmaster Mind Information Systems http://www.mindinfo.com Associated Messages, from the most recent to the oldest:

    
  1. Re: Database Security Rev., (Kenneth Grome 2002)
  2. Re: Database Security Rev., (Donovan 2002)
  3. Re: Database Security Rev., (Kenneth Grome 2002)
  4. Re: Database Security Rev., (Jay Van Vark 2002)
  5. Re: Database Security Rev., (Donovan 2002)
  6. Re: Database Security Rev., (Stuart Tremain 2002)
  7. Re: Database Security Rev., (Jay Van Vark 2002)
  8. Re: Database Security Rev., (Donovan 2002)
  9. Re: Database Security Rev., (Andrew Simpson 2002)
  10. Re: Database Security Rev., (Donovan 2002)
  11. Re: Database Security Rev., (Jeff Logan 2002)
  12. Database Security Rev., (Donovan 2002)
  13. Re: Database Security (talk 1998)
  14. Re: Database Security (PCS Technical Support 1998)
  15. Re: Database Security (PCS Technical Support 1998)
  16. Re: Database Security (Kenneth Grome 1998)
  17. Database Security (Julian Clayton 1998)
  18. Re: Database Security (Raymond Hatch 1998)
I thought you could just store you databases in the scripts/webcatalog/whatever (for NT)Ray At 11:12 AM 6/22/98 -0800, you wrote: >>My problem is that if the visitor to the site knows the URL to the >>database then they can view the complete database as a text file (see >>http://www.traderpub.com/TraderPub/BoatRVTrader/catalog.txt for an >>example of what I mean), this is not desirable. > >There are several easy solutions; unfortunately that site is not following >the recommendations for keeping databases secure. > >On a Macintosh, you can make a file un-downloadable by changing its >filetype to WWWOmega. WebCatalog does this automatically whenever it >writes a file to disk. > >On a PC, you would turn off the Read permissions of that directory. > >For both PC and Mac, you could change the database name to Catalog.db and >then set up a suffix mapping for *.db -> WebCatalog. This would let >WebCatalog intercept all URL requests and decide not to display that file >based on its extension of .db. > >Technical Support | ==== eCommerce and Beyond ==== >Pacific Coast Software | WebCatalog, WebMerchant, >11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMaster, >San Diego, CA 92128 | Typhoon >619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com/ > Webmaster Mind Information Systems http://www.mindinfo.com Raymond Hatch

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Email within tmpl ? (1997) WebCatalog Beta Documentation (1997) Using Applescript to process WebCatalog functions (1998) [WebDNA] El Capitan (2017) [searchString] (1997) I'm tired of all this! (2000) Single Link browsing (1997) Bug Report, maybe (1997) shipcost (1997) About the mailer (2002) RE: protect tag on NT (1997) Error Lob.db records error message not name (1997) WebDNA Developer Edition - Host config problem (2003) Now you see it now you donīt (1997) Re:Copyright ? (1997) cybercash question (2000) notification solutions (1997) WebCatalog Serial Number (2003) test (2000) WebCat2b13 Command Reference Doc error (1997)