Questions tagged [database-security]

218 questions
5 votes, 2 answers

Namespaces for Multi tenancy in Cloud Firestore

How do we set a different database / namespace in Firestore? This would be helpful in building multi-tenancy SaaS products.
Gubbi
5 votes, 3 answers

Questions and considerations to ask client for designing a database

So as title says, I would like to hear your advice what are the most important questions to consider and ask end-users before designing database for their application. We are to make database-oriented app, with special attention to pay on db…
Julia
5 votes, 1 answer

How to secure a SQL database from domain admins?

I've got a database that I'd like to keep on the main domain, but prevent domain admins from writing to it. Read access is not a concern. To do this, it looks like I'd have to ensure any accounts with write permissions use only SQL logins (since…
5 votes, 1 answer

Access 2010 allowing multiple users/ Implementing group security

I'm creating an Access 2010 database and would like some clarification when it comes to concurrency and security. What I would like is upon starting the app only a menu form to be displayed with several buttons including a login button. Most buttons…
HelloWorld
4 votes, 1 answer

Securing Parquet Files Column-wise

I have been looking for a way to secure Parquet files, column-wise, for Spark access. Ideally, that would work the same way Apache Ranger works for Hive, i.e., a Sysadmin defines the access policies for different groups and columns. I have been…
4 votes, 2 answers

Is it acceptable to leave a database (Cloud Firestore) unsecured when no site login is required?

I'm building a game with Angular and (for the first time ever) I'm trying to add a high score table. I have set up a Firebase account and got a Firestore (Beta) database working and hooked up. I want a very simple high score system. Users will not…
4 votes, 2 answers

How to implement Tenant View Filter security pattern in a shared database using ASP.NET MVC2 and MS SQL Server

I am starting to build a SaaS line of business application in ASP.NET MVC2 but before I start I want to establish good architecture foundation. I am going towards a shared database and shared schema approach because the data architecture and…
4 votes, 1 answer

Escaping knex mysql query statements

I'm fairly new to knex and databases in general, so this is a beginner question. I found no clear mention in the knex docs about this. Are non-raw knex queries automatically "safe"? Secondly, for raw queries, I have several raw statements similar to…
bendulum
4 votes, 2 answers

What is EXTPROC in Oracle?

For security reasons I asked DB team to add EXTPROC_DLLS:ONLY; but they said this: "Please be informed that the KEY = EXTPROC1526 doesn’t refer to any external process at all. This is just a key used by any process needs to call Oraxxx via IPC…
Ace
4 votes, 1 answer

doctrine 2 orm and sql injection

In doctrine 2, how can I protect against sql injections when using ORM? I found the following page on the doctrine site: http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/security.html However that is about dbal and not…
J. Rahmati
4 votes, 3 answers

Limit Database List to Ones With Permission SQL Server

By default if you connect to a remote SQL Server via an account that has access to say 1 of the 10 databases. You will still see in the Object Explorer all other databases, obviously due to permissions you cannot actually query them, but you can…
Mitchel Sellers
3 votes, 1 answer

Change PostgreSQL password encryption from MD5 to SHA

Is there a way to change the PostgreSQL password encryption method from MD5 to SHA? If Yes, can you please tell me how? I am using PostgreSQL 9.5
P_Ar
3 votes, 3 answers

How do I securely create queries in ADO.NET where the tables being selected from change?

In ADO.NET you can add parameters to a command object to securely add user input to a SQL query. What is the equivalent for the other predicates common to a SQL query? I am writing a program that is essentially a very limited O-R mapper and SQL…
Chris Pfohl
3 votes, 1 answer

Is PDO ... SET NAMES utf8 dangerous?

Looking at here: http://www.php.net/manual/en/mysqlinfo.concepts.charset.php I understand that using SET NAMES utf8 is not a good idea, but it is not clear: What is the issue? How to avoid it? Which is actually the solution to set the charset…
eMarine
3 votes, 2 answers

How to sanitize or randomize sensitive database fields

What's the most efficient method or tool to randomize a list of database table columns to obscure sensitive information? I have a Django application used by several clients, and I need to onboard some development contractors to do work on the…
Cerin