November 15, 2007 at 10:33 pm
We are using Ms-Sql 2005 Express. We use management studio by login server authentication. We have created one database thru user sa, that is password protected. Now when we copy .mdf and .log set and trying to attach to another instance thru sa, that has different password, it successfully attached. Is it ok?
Actual patch is that we create database, stored procedures and triggers thru user sa and we access database in application thru user RPKDATA with limited access. Now when database is copied and attached to other instance it shows everything, means our business logic used in stored procedures and triggers is available to others.
In short, is there any method that is used to secure our database? I just want to create a database that is accessible with only my password.
Thanks in advance for your help:)
November 26, 2007 at 8:22 am
Hi,
You can create your procs and view with WITH ENCRYPTION option, this will prevent others from viewing their code. Be sure though that you have these objects scripted.
HTH,
P.
...and your only reply is slàinte mhath
November 26, 2007 at 8:33 am
The encryption algorithms for code aren't very strong and there are programs easily available on the Internet that will decrypt them. But they'll work for casual users.
There's no way to do what you want. Hundreds of companies sell SQL Server apps, their code in triggers (which are a bad idea in general) and stored procs, is visible and they do fine. Don't worry about it.
If you've got something that's really proprietary, build it into an assembly and call that. It can still be decompiled, but it's a little harder.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply