|
|
>> What, and giving every user on the network complete access to the DB
>> isn't a bad idea? ;-)
>
> OK, storing the password in a *desktop* application is a dumb idea. It's
> not quite so dumb when you're talking about a web app where people don't
> have the database's password stored locally.
Sure. If it's a web app, you can put the DB server and the web server
right next to each other and firewall the hell out of it. But giving the
desktop users the password - in a highly regulated safety-relevant
system? Not smart.
Of course, I didn't make a point of telling the auditors about this...
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|