Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Security Question

0 views
Skip to first unread message

Michael

unread,
Jan 3, 2002, 4:51:07 PM1/3/02
to
Hi;

Does anyone have any suggestions on how to keep your
database tables safe from anyone just going into a
database editor and "playing" with the data?

It hasn't happened yet but with more & more people
becoming knowledgable in the use of computers, what can be
done to prevent the above. We have tried "Hiding" the
directory where the data resides under Novell but it
causes some problems with FoxPro trying to locate files.
Any suggestions?

Thanks in advance!

Mike

Alex B

unread,
Jan 3, 2002, 5:46:10 PM1/3/02
to
This is a tough one, really. Without a major rewrite, you can't really just
make your dbf files uneditable because with the way almost all fox apps are
written, you'll need direct access to the directory to be able to access the
tables - hence any hex editor could also... If you upsize to sql server or a
true server based dbms, then security is a piece of cake comparatively.
There are ways to implement good security in fox, but they are quite complex
IMO...


"Michael" <mich...@altavista.com> wrote in message
news:523d01c194a0$bfb14ab0$3aef2ecf@TKMSFTNGXA09...

Tod McKenna

unread,
Jan 3, 2002, 5:52:26 PM1/3/02
to
If you have fox7 you can use the database events to check for the existence
of an application object. I haven't done this yet, but I am sure it is
possible (and easy).

Anybody get this to work yet?

I would assume that the code would look something like this:

If TYPE("myApplication") <> "O"
RETU .F.
ENDIF


"Michael" <mich...@altavista.com> wrote in message
news:523d01c194a0$bfb14ab0$3aef2ecf@TKMSFTNGXA09...

wanadoo.fr

unread,
Jan 3, 2002, 6:09:42 PM1/3/02
to
Hello.

Well, you know, absolute security cost is infinite ... it's a dialectic. :o((((

But there are some ways to approach it.

First, it is essential to determine a security strategy : cost vs rate service, or readibility vs access time, for example.
The database organization might be based on this strategy.
I mean, it's obvious that sentitive data splitted to differents file, with a master file exclusively containing pointers,
is more difficult to read or interpret than a database conceived like an excel sheet.

Furthermore, another level is online data encryption.
But it requires a high-level analysis and good skill to code concurrent database accesses.

Could you specify the way you aim your project ?

Gérard.

"Michael" <mich...@altavista.com> a écrit dans le message news: 523d01c194a0$bfb14ab0$3aef2ecf@TKMSFTNGXA09...

Michael

unread,
Jan 3, 2002, 6:40:45 PM1/3/02
to
Hi Gerard;

One place is running two large applications. About 100
fulltime/parttime employees. The apps are written in vfp6
and are extremely stable. The use NT terminal server to
for gaining access at there other loactions. The files are
stored in .DBF tables and can easily be read/modified by
anyone who knows how. One concern they are now having is
that someone can just modify the tables, delete records...
We were wondering if there is a "quick fix" to prevent
anyone from doing so. The applications were just re-
written over the past 2 years from fpd 2.6. The tables
were just converted to vfp 6.0 format.

Craig Berntson

unread,
Jan 3, 2002, 7:43:04 PM1/3/02
to
You could use an application server that hosts a COM component to get at the
data. Then, only the user id the component runs under will have access to
the data. Users never directly have access to the data and don't have rights
to the data server.

--
Craig Berntson
MCSD, Visual FoxPro MVP
www.craigberntson.com
Salt Lake City Fox User Group
www.slcfox.org
Visit FoxCentral www.foxcentral.net
---


"Michael" <mich...@altavista.com> wrote in message
news:523d01c194a0$bfb14ab0$3aef2ecf@TKMSFTNGXA09...

Craig Berntson

unread,
Jan 3, 2002, 7:41:41 PM1/3/02
to
This will not stop someone from using a text editor or even Word to open the
table.

--
Craig Berntson
MCSD, Visual FoxPro MVP
www.craigberntson.com
Salt Lake City Fox User Group
www.slcfox.org
Visit FoxCentral www.foxcentral.net
---


"Tod McKenna" <t...@opaldata.com> wrote in message
news:#xtoflKlBHA.2416@tkmsftngp04...

wanadoo.fr

unread,
Jan 4, 2002, 3:28:14 AM1/4/02
to
Excel is often used to to that (and corrupts indexes).

Gérard.

"Craig Berntson" <cr...@craigberntson.com> a écrit dans le message news: upV6RiLlBHA.1516@tkmsftngp07...

Alan B

unread,
Jan 4, 2002, 3:52:44 AM1/4/02
to
At the end of the day if your user can see the files, they can mangle them.
This applies to files from any application.

If you're using an NT/2K server and NT/2K/XP workstations, you could put the
files in a shared directory but allow access only to admins and say a user
'foxprouser'. Then when your users run the app on the workstation you could
do

net use x: \\myserver\mydatadir password PASSWORD /USER:foxprouser

.. or it's equivalent using Windows API commands. Then remove the
redirection when they exit the app. That would keep you safe unless they
were actually in the app, at which point they could alt-tab out and create
chaos on drive x:.


"Michael" <mich...@altavista.com> wrote in message
news:523d01c194a0$bfb14ab0$3aef2ecf@TKMSFTNGXA09...

MAppell917

unread,
Jan 4, 2002, 5:29:45 AM1/4/02
to
I believe there is a control by Xitech called Cryptor that will automatically
encrypt/decrypt dbf files "on the fly."

Regards,

Mike

Stephen

unread,
Jan 4, 2002, 11:13:33 AM1/4/02
to
Michael,

The best way to do this is:

Write a short encryption procedure.

e.g.

say you wanted to store passwords in a table.
encrypt the password before storing it.
then when you want to access it use the same algorithm to unencrypt the
password.

for example use asci values *122/4

you will no the key but no one else will

"Michael" <mich...@altavista.com> wrote in message
news:523d01c194a0$bfb14ab0$3aef2ecf@TKMSFTNGXA09...

Craig Berntson

unread,
Jan 4, 2002, 7:21:27 PM1/4/02
to
Cryptor will stop people from seeing the data, but will not stop them from
corrupting it.

--
Craig Berntson
MCSD, Visual FoxPro MVP
www.craigberntson.com
Salt Lake City Fox User Group
www.slcfox.org
Visit FoxCentral www.foxcentral.net
---


"MAppell917" <mappe...@aol.com> wrote in message
news:20020104052945...@mb-cu.aol.com...

Niels van der Kooij

unread,
Jan 5, 2002, 8:54:32 AM1/5/02
to
With the network running on NT, we hide the directory by adding a dollar
sign to the end of the directory.

\\ntserver\DataFiles$\Appdir

This way, the directory is hidden from the user, unless he knows the exact
name of the directory.

And no smart fella has messed up my tables so far!

regards
NvdK

Niels van der Kooij

unread,
Jan 5, 2002, 11:32:46 AM1/5/02
to
btw, it is the sharename that needs the $ sign.

more info on:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q90929


"Michael" <mich...@altavista.com> wrote in message

news:617201c19602$32e5da70$35ef2ecf@TKMSFTNGXA11...
> I will try that. Thanks!!!


Willianto

unread,
Jan 5, 2002, 3:48:24 PM1/5/02
to
Hi Alan,

Michael's post is really what i have been trying to convey in my post (dbc
security 12/31/01 12:47 AM) and i'm interesting in your answer.

Q: Can i apply your solution if i use a vfp native database in an NT server
*but* access it through an odbc connection? I yes, how can i do that?

TIA.
Willianto

0 new messages