Milanez, Marcus wrote: Should I always assume that the resources that my application access (like a database for example) doesn't need additional security, because it is hosted in a server, and if this so called server was attacked them worse things could actually happen? Generally I would expect worse things to happen if the database server was compromised compared to just a single account. Of course, it depends which account.
In this case, should I assume as a developer (not as a system admin), that my network is safe, that my web server is safe? You can't look at the individual components. You have to look at the system as a whole. Security is always a trade-off. The right trade-offs will vary from system to system. In terms of security, is it right to delegate a web system administrator the right to know my application's database user and password? Again, it is a trade-off. What are the risks of them knowing the password vs. them not knowing? Is it practical to keep it from them? My own $0.02 would be that you can keep the DBA password from them but the password the system uses would be very hard to keep from them. If you really don't trust them with it then you are either very paranoid or you should be thinking about terminating their employment. I know that security recommendations in database side tells us that an application users should only have access to what they need, in terms of commands, tables and so on, but again, should I always assume that as a developer? It will vary from organisation to organisation but I would expect the system developers to provide a set of scripts to create the necessary database objects and the DBA to review them to ensure they are appropriate, including minimal permissions. > In my point of view, I think my application server should take care of all > these issues for me... The app server can't do you security assessment for you. If you find one that can, let me know ;) In fact my only suggestion is: My app. Server should ask for a 'key' (besides the manager password) whenever I install a new application. This key could be used to encrypt all my application files, preventing anyone to open them. I know there are issues like 'Where should this key be stored?', 'Who should type this key ?' and I know that, but I can't find a good answer... I'm just exposing some ideas. There is no easy solution to this (that I can think of) --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
