Sounds like there are some security concerns here.
On Sep 12, 2010, at 11:32 AM, tedd wrote:
I have a client who wants his employees' access to their online
business database restricted to only times when he is logged on.
(Don't ask why)
I do wonder why, though. Perhaps this is an opportunity to educate
someone about security and privacy and web applications? Does he feel
that by being logged in, he can control every aspect of connection to
the data base? Or even be aware of every access to the data base? What
is he hoping to accomplish be being logged in? Does he propose to
actively monitor the data base transactions in real time while he's at
work? What is he hoping to avoid by requiring his logged in state
before anyone else can access the data base? Just being logged in
won't dissuade a cracker from attacking his data if they so choose,
nor will it prevent a disgruntled employee from damaging the data
while he's logged in if they have the expertise and means.
Also, what happens when he's sick or incapacitated some day and can't
log in to the data base. Does he expect his business to continue
without his presence or does it also shut down for the day?
This just seems like an excessive amount of paranoia that his solution
won't provide an answer for. It seems like a poor business decision on
his part.
In other words, when the boss is not logged on, then his employees
cannot access the business database in any fashion whatsoever
including checking to see if the boss is logged on, or not. No
access whatsoever!
What about access to the web application while he's not logged in? Do
they still have that? If someone is determined, they can still learn a
lot.
Normally, I would just set up a field in the database and have that
set to "yes" or "no" as to if the employees could access the
database, or not. But in this case, the boss does not want even that
type of access to the database permitted. Repeat -- No access
whatsoever!
I was thinking of the boss' script writing to a file that
accomplished the "yes" or "no" thing, but if the boss did not log
off properly then the file would remain in the "yes" state allowing
employees undesired access. That would not be acceptable.
So, what methods would you suggest?
What about access to a parallel data base that only contains
information pertaining to access? i.e. separate out the application's
authentication and access control from the main data base and put it
in a parallel data base.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
