隐藏数据库用户表 [英] Hiding tables from database users
问题描述
我有一个使用SQL Server 2008中的数据库的Web应用程序.我是该项目的开发人员,并且该项目已经托管在其他地方.
I have a web application using a database in SQL Server 2008. I am the developer of this project and this project has been hosted elsewhere.
我已将项目交付给管理员.现在,管理员可以连接到SQL Server,但我不希望管理员能够查看数据库表.
I've delivered the project to the administrator. Now the administrator is able to connect to SQL Server but I don't want the administrator to be able to see the database tables.
有什么办法吗?
推荐答案
我以前已经看到ACT的开发者做到了这一点.他们的产品安装了SQL Server Express的新实例,并在该过程中加密了该实例的sa密码.这使得其他人使用他们的产品和附加工具以外的任何其他东西连接到数据库都是不可能的".我不确切知道他们是怎么做的,但是也许您可以搜索对sa密码或类似密码进行加密,然后找出如何做.不好意思安装您自己的SQL Server实例我不确定您会怎么做.请记住,由于DBA无法访问SQL Server实例,因此您的应用程序将需要提供备份,调整,修改等功能.
I've seen this done before by the makers of ACT. Their product installs a new instance of SQL Server Express and as part of that process they encrypt the sa password for the instance. This makes it 'impossible' for others to connect to the database using anything other than their product and add-on tools. I don't know exactly how they do it, but perhaps you could search for encrypting sa password or something similar and find out how to do it. Shy of installing your own instance of SQL Server I am not sure how you would go about this. Bear in mind that your application will need to then provide the ability to backup, tune, modify, etc the database as the DBA would not have access to the instance of SQL Server.
顺便说一句,一旦看到此消息,我们便将ACT淘汰了-我没有,现在仍然不喜欢,就像在我们的一台服务器上运行黑匣子的想法一样.
Incidentally, we threw ACT out once we saw this - I didn't, and still don't, like the idea of a black box running on one of our servers.
最后,您可能会发现增加保护层(对您而言,对客户而言)对您而言并不值得.尽管您可能以数据库模式的形式拥有专有信息,但是客户端对应用程序进行反向工程然后自己制作应用程序的可能性很小.即使他们做到了,也很难制造出优秀的软件-他们可能仍然无法正确地做到这一点.
In the end, you'll probably find that this added layer of protection (for you, not the client) just isn't worth the aggravation. While you may have proprietary information in the form of the database schema the odds of the client reverse engineering your application and then making their own are slim. Even if they did, it is hard to make good software - they likely wouldn't get it 'right' anyway.
我的建议,不用担心,专注于使您的软件更出色,这样就没有理由让他们自己推出产品或寻找其他地方.
My advice, don't worry about this, focus on making your software great so there is no reason for them to roll their own or look elsewhere.
这篇关于隐藏数据库用户表的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
