Posted by Erland Sommarskog on 12/10/05 12:30

Christopher Browne (cbbrowne@acm.org) writes:
> Unfortunately, that means that you have to trust the database engine
> with the cryptographic keys.
>
> That means the DB engine is free to do whatever it likes with them,
> which is an inherent, vast, gaping security hole.

Eh? The DB engine does not have a mind of its own. Of course, any piece
of software can be spyware that leaks secrets behind your backs, but
if you are that paranoid, you should not use computers at all.

Or could you care to elaborate what you actually mean?


--
Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se

Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx

• Next in forum: Re: dynamically trasnpose rows into columns
• Prev in forum: How to copy data from backup or data files to new SQL installation?
• Thread view: Re: Database security (crosspost)

[Reply to this message]