Reply to Re: Database security (crosspost) — MsSQL Server

Posted by Erland Sommarskog on 12/10/05 12:30

Christopher Browne (cbbrowne@acm.org) writes:
> Unfortunately, that means that you have to trust the database engine
> with the cryptographic keys.
>
> That means the DB engine is free to do whatever it likes with them,
> which is an inherent, vast, gaping security hole.

Eh? The DB engine does not have a mind of its own. Of course, any piece
of software can be spyware that leaks secrets behind your backs, but
if you are that paranoid, you should not use computers at all.

Or could you care to elaborate what you actually mean?

--
Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se

Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация