Stack Overflow
Stack Overflow

Questions tagged [database-security]

218 questions
0
votes
1 answer

Oracle procedure - invoker right vs owner rights

I have procedure (procedureA) that is created in schema (schemaA). SchemaA user doesn't have any privilages only CONNECT role granted. ProcedureA is responsible for grant select,alter,update... privilages to specific table in other schemas to…
geek
  • 596
  • 8
  • 26
0
votes
1 answer

Security: Converting Stored Procedure into EF6

I'm considering converting my project from using Sprox to linq (EF6), however I'm a bit concerned about DB permissions. At the moment I'm assigning explicitly rights to each and every procedure and nothing beyond that. How can I have a similar…
Dave
  • 349
  • 1
  • 15
0
votes
1 answer

Multiple actions in a single query ORACLE

I have three databases connected remotedly via DBLink and I want to create a record in the three of them. The dynamic in this problem is that there is a company which has 3 retail stores in which they can sell items found in the others. The item1 is…
ditmark12
  • 111
  • 1
  • 11
0
votes
1 answer

Dissertation about website and database security - in need of some pointers

I am on my dissertation in my final year at university at the moment. One of the areas I need to research is security - for both websites and for databases. I currently have sections on the following: Website Form security - such as data…
ClarkeyBoy
  • 4,934
  • 12
  • 49
  • 64
0
votes
1 answer

How secured is the simple use of addslashes() and stripslashes() to code contents?

Making an ad manager plugin for WordPress, so the advertisement code can be almost anything, from good code to dirty, even evil. I'm using simple sanitization like: $get_content = ''; //insert into…
Mayeenul Islam
  • 4,532
  • 5
  • 49
  • 102
0
votes
1 answer

UnAuthorize changes in mongoDB

In MongoDB how unauthorized access and changes to the database is restricted. If only by login credentials. Then is the data stored in storage media (HDD,SSD) encrypted ?
waheebyaqub
  • 293
  • 1
  • 5
  • 13
0
votes
2 answers

Is it possible for double-escaping to cause harm to the DB?

If I accidentally double escape a string, can the DB be harmed? For the purposes of this question, let's say I'm not using stored procedures or parametrized queries For example, let's say I get the following input: bob's bike And I escape that: …
waiwai933
  • 14,133
  • 21
  • 62
  • 86
0
votes
1 answer

MongoDB Dynamic Database

Good day. I am starting a web project and am thinking about using mongoDB with Java and Spring data. In this web project each user would have a database. Other words, when the user signs in (this would be a shared database where only contain login…
Smiderle
  • 447
  • 4
  • 12
0
votes
1 answer

How to implement security on a local database created with Entity Framework (6.1)?

We have a desktop application that uses a local database (SQL Server 2012 LocalDb). We do not want the end user to be able to modify the database directly, and we want to restrict viewing the database contents to certain users. Moreover, we want to…
Dabblernl
  • 15,831
  • 18
  • 96
  • 148
0
votes
2 answers

Laravel 4 - User should access only his data in a multi-user database

I hope I described the subject properly. I'm creating a contact management application where each user will have his own contacts within the same contact table. Users must not be able to see each other's contacts. I started by doing this but there…
Robbie
  • 642
  • 1
  • 6
  • 12
0
votes
1 answer

SQL Server 2008 connection issues

So I'm working on a project using a SQL Server 2008 database. It uses Java with Hibernate. I was doing some work on it last week, it was working (relatively) fine. I came back to it today and all of the sudden Hibernate can't login or connect to the…
Abraham Church
  • 5
  • 7
0
votes
1 answer

Using TDE on MySQL in Windows Server 2008 R2

I was looking around for some solution to bring TDE to MySQL. I found this question asked in here before. But the question seems to be about enabling a TDE solution to a MySQL database that is installed in a Linux environment. In my case, I would…
Shabutie
  • 5
  • 4
0
votes
3 answers

hide database password in zend framework 2

I have a zend project which makes use of doctrine2. My problem is that I can't disable errors with sensitive data. (i.e. when database connection fails an error is shown including the password). What I have tried so far is changing the index.php…
J. Rahmati
  • 735
  • 10
  • 37
0
votes
1 answer

Script the granting of server roles to a SQL Server Login

I have a script that creates a login in SQL Server as follows: CREATE LOGIN [MyDomain\MyUser] FROM WINDOWS WITH DEFAULT_DATABASE=[master], DEFAULT_LANGUAGE=[us_english] GO Is it possible to add to this script the granting of server roles? I want to…
Declan McNulty
  • 3,194
  • 6
  • 35
  • 54
0
votes
1 answer

MySQL repl user permissions - is a wildcard host secure?

Using the Chef Opscode MySql cookbook. It grants the MySQL "repl" user access using a wildcard host value. GRANT REPLICATION SLAVE ON *.* TO 'repl'@'%' identified by *password* Is this secure? Or is it better to update the mysql.user table with a…
csi
  • 9,018
  • 8
  • 61
  • 81
1 2 3
14 15