0

I am working on the monthly Billing system for students' for which they pay through their id card. We have done all the things MySQL databases and Client UI program and all.

But we need a way to ensure that one person who knows the password to the MySQL server does not have unlimited control over it as that the team working on it is made up of students only.

So I wanted to know if there is anything we can do to have MySQL ask for two passwords while connecting to it. (It asks for one currently). We want like the thing that is there in Bank lockers, where bank has one key we have one key and both the keys are required to open the locker.

Thanks in advance.

bummi
  • 27,123
  • 14
  • 62
  • 101
Deven Bansod
  • 73
  • 1
  • 6
  • I am not sure, are you going to protect it from developers or clients? Is not specifying grants for clients enough? Or maybe you should build mid layer application? – Uriil Nov 23 '13 at 15:00
  • you can set their permissions to be restrictive, and limit their access to a single table, or to only `SELECT`, for instance.. would that do it? – msturdy Nov 23 '13 at 15:44
  • There is no good way to really secure something like this while still giving them enough access to be useful. Instead go for a different solution, make sure _everything_ is logged and make sure they know that. So that they can change things but will always be caught when they do. – Wolph Nov 23 '13 at 15:53
  • Giving privileges will still have one admin user. We don't want that. Only people accessing the database directly, will be 4 team members and no one else. Rest the operator will be using a Visual C# program – Deven Bansod Nov 23 '13 at 16:06
  • We want to protect it from Developers mainly. Users wont have access to it as it is not on any network. http://docs.oracle.com/cd/B28359_01/server.111/b31222/cfrulset.htm#DVADM70174 Can anyone tell What does this do ?? And is there something like this in MySQL too ? – Deven Bansod Nov 23 '13 at 16:08
  • 1
    If it's just for development, than why don't you simply use a different environment? Not allowing the developers to production is an easy way to split these ;) – Wolph Nov 23 '13 at 17:21

0 Answers0