List:General Discussion« Previous MessageNext Message »
From:Suhas Pharkute Date:January 30 2007 12:44pm
Subject:Re: Safe DB Distribution
View as plain text  
Thank you everybody for your replies. Seems like I got an answer as no.

Thank you again,
Suhas


On 1/30/07, Dotan Cohen <dotancohen@stripped> wrote:
>
> On 30/01/07, peter lovatt <peter.lovatt@stripped> wrote:
> > Hi
> >
> > You probably cant make it 100% secure, because php is not a fully
> compiled
> > language, and as such an expert techie could probably add extra code to
> your
> > app that wouild allow access to the database, BUT you can get pretty
> close.
> >
> > You will need to encrypt everything in the database using MySql
> encryption
> > functions
> >
> > http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html
> >
> > This will mean you can only access the data using the password it was
> > encrypted with. This will stop anyone installing the database accessing
> the
> > data using another MySql client.
> >
> > Next you need to encrypt the php so that the user cannot get the
> encryption
> > password. There are a couple of options I can think of, there are
> probably
> > more. The first is Zend Accelerator ( http://www.zend.com) , which I
> think
> > compiles the php (check this though). The second is ioncube (
> > http://www.ioncube.com/) which is intended to prevent unauthorised
> access to
> > php code.
> >
> > As above, your app needs MySql, and is not open source so you need a
> mysql
> > licence.
> >
> > Hope this helps
> >
> > Peter
> >
>
> Actually, I'm pretty sure that you _can_ compile PHP with the Zend
> optimizer.
>
> Another option: host the MySQL server on your own hardware, and
> configure the php script to connect to that. Then you can control
> everything coming in/going out.
>
> What are you trying to protect? And what's the sense in protecting it
> such, if in any case the php script has access to it?
>
> Dotan Cohen
>
> http://lyricslist.com/lyrics/artist_albums/355/moody_blues.html
> http://music-lyriks.com
>
> --
> MySQL General Mailing List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe:    http://lists.mysql.com/mysql?unsub=1
>
>


-- 
Suhas Pharkute, PhD
CEO - Syna Intelligence, LLP
V. 208 830 8915 (C)
E. sp@synaintel,.com
W. http://synaintel.com

Thread
Safe DB DistributionSuhas Pharkute29 Jan
  • Re: Safe DB DistributionFelix Geerinckx30 Jan
    • Re: Safe DB Distributionpeter lovatt30 Jan
      • Re: Safe DB DistributionDotan Cohen30 Jan
        • Re: Safe DB DistributionSuhas Pharkute30 Jan
    • Re: Safe DB Distributionmizioumt30 Jan
      • Re: Safe DB DistributionGerald L. Clark30 Jan
        • Re: Safe DB Distributionmizioumt30 Jan
        • Re: Safe DB Distributionmos30 Jan
  • Re: Safe DB DistributionFelix Geerinckx30 Jan
    • Re: Safe DB Distributionmizioumt30 Jan
Re: Safe DB DistributionAles Zoulek30 Jan
  • Re: Safe DB DistributionSuhas Pharkute30 Jan
    • RE: Safe DB DistributionSST - Adelaide)30 Jan
      • Re: Safe DB DistributionSuhas Pharkute30 Jan
      • Re: Safe DB DistributionSuhas Pharkute30 Jan
      • Re: Safe DB DistributionSuhas Pharkute30 Jan
        • Re: Safe DB DistributionDan Nelson30 Jan
          • Re: Safe DB DistributionAles Zoulek30 Jan