Stack Overflow
Stack Overflow

Questions tagged [database-security]

218 questions
0
votes
1 answer

Where does a Web service's Database typically sit?

I am learning back-end development by developing a C# Web Service that interacts with a database. I am not sure, however, where the database is supposed to be kept. Is it supposed to be in the same location as where the web service will be hosted?
pnizzle
  • 6,243
  • 4
  • 52
  • 81
0
votes
1 answer

Direct privilege grant vs ALL PRIVILEGES vs roles vs PUBLIC

1/ To my knowledge, direct privilege grant and ROLE grant and PUBLIC grant are independent, meaning all 3 can carry themselves the same privilege. Revoking from one does not interfere with that privilege still staying with the user. Meaning if…
Kenny
  • 1,902
  • 6
  • 32
  • 61
0
votes
1 answer

How can you restrict a user to making only SELECT statements on Google cloudSQL

I am currently writing an application that uses google cloud SQL to query and display certain data. Is there a way that I can programatically enforce that all queries made by the user will be SELECT statements? Or at least ruling out DML…
Gary Cassar
  • 49
  • 4
0
votes
2 answers

When creating a database, is it good practice to hash all primary keys in each table?

Regardless of table importance, is it generally good practice to hash every single primary key, or should the type of data being stored be considered in that decision? [Just to clarify the question] I was mainly wondering in the context of database…
peyssoa
  • 40
  • 5
0
votes
1 answer

Should end-user facing tables always be in the form of a view?

In creating data warehouses, I'm used to creating views on top of the tables so that users are querying those views and not the tables. They're never given access to the tables anyways. Now in regards to the current data warehouse in question, there…
simplycoding
  • 2,770
  • 9
  • 46
  • 91
0
votes
0 answers

How to protect database login info (username/password) in a php code?

I'm struggling with protecting my login info. Let's say my FTP gets hacked, the hackers get access to my login info and may do harm as they like. Is there a possible way of encrypting it or secure it in any way which will be unhackable, at least for…
Omer Aviv
  • 286
  • 3
  • 20
0
votes
1 answer

Postgresql remote access direct or via ssh tunnels

I have given remote read-only database access to some users as follows: Postgres is listening to a port [opened on firewall] ip address s/usernames/passes are added to pg_hba.conf file Privileges are configured on database Is it safe enough to…
PHA
  • 1,588
  • 5
  • 18
  • 37
0
votes
0 answers

Python Django Create Users With roles on what they can see?

Hello I have to make normal users with email verification and special_users that can accept a user that did apply demand form like this: User Form after registration (Super_User cant see this form) Name Surname Birthday . . . Upload an…
Dardan
  • 43
  • 4
0
votes
1 answer

Password protect sql database backups in maintenance plan

I have a microsoft sql server database (2012) and its currently being backed up using maintenance plans. I have a full back up, differential back up and transaction logs backup in my plan. For security reason i would like to add password protection…
user4432964
0
votes
1 answer

Column level data encryption in SQL Server 2014

I need to encrypt few column level data in multiple tables in SQL server 2014. I'm a little confused after reading an article on Encrypt a column of data from the microsoft forum. Do I need to create a new column in the table for encrypted data? I…
LearningMacro
  • 137
  • 1
  • 15
0
votes
1 answer

Hashing MySql passwords gives: "Authentication with old password no longer supported, use 4.1 style passwords"

I try connect to a MySql (version 5.0.95) database from a ASP.NET (Razor) web page... (Assembly MySql.Data.dll, v6.6.5.0) First I tried directly to specify directly the password in the connection string like "...;pwd=myClearPassword". But When…
serge
  • 13,940
  • 35
  • 121
  • 205
0
votes
1 answer

Security of user-defined direct SQL queries under EntityFramework 6

I need to (re)develop a tool for the users of the application I work on, which is in ASP.NET 4.5.2 / MVC 5.2.3 and uses Entity Framework 6. This tool is supposed to allow authorized users to edit SQL queries, and lower-priviledged ones to run them…
Eregrith
  • 4,263
  • 18
  • 39
0
votes
2 answers

Database security / scaling question

Typically I use a database such as MySQL or PostGreSQL on the same machine as the application using it, which makes access easy and secure. I'm just now building the first site that will have a separate physical database server (later this year it…
orokusaki
  • 55,146
  • 59
  • 179
  • 257
0
votes
4 answers

What HTML tags would be considered dangerous if stored in SQL Server?

Considering issues like CSRF, XSS, SQL Injection... Site: ASP.net, SQL Server 2012 I'm reading a somewhat old page from MS: https://msdn.microsoft.com/en-us/library/ff649310.aspx#paght000004_step4 If I have a parametrized query, and one of my fields…
user1447679
  • 3,076
  • 7
  • 32
  • 69
0
votes
1 answer

How to prevent windows administrator to attach ms sql database

Background: [No copyright implementation] [No copyright implementation] My company develops inventory control application for clients in the area where we don't have copyright protection by the government. The only option is to hide and protect…
Salik
  • 458
  • 7
  • 14
1 2 3
14 15