Thank you for your quick and detailed answer.
While I will be distributing the source code - which as you underline
it - can be reviewed and modified by any user, the database this code
is supposed to access will be shared by all the users. This is not a
database that will run locally on the users' machine. This will be a
remote common place to gather information about the users.
As such I am not sure if I can provide enough protection to my
database, using the solution you proposed, since the database will be
Unless the C++ code accesses the database with a MySQL user that can
only read the database, not modify it... What's your opinion on this?
On Fri, Sep 5, 2008 at 12:35 PM, Warren Young <mysqlpp@stripped> wrote:
> Jean-Sebastien Stoezel wrote:
>> I would like to use mysql++ in an open source project, however I am
>> not to sure how to protect the database from the users.
> I may be misreading this, but it sounds like you have an adversarial
> relationship with your users. Open source doesn't work in that context.
> One distributes open source so that "the users" can build the program and
> run it on their machines. Since they own the machines, they have the
> ability to do anything they like. It doesn't matter where the password is,
> it's their machine, they have the ability to read or change anything on it.
> Perhaps you are conflating multiple classes of users into a single
> undifferentiated entity? If you have administrative users who can start
> your program and other users who can just use it, you can just create a
> password file readable only by the administrator. When the administrator
> starts the program, it reads its password from the protected password file,
> logs into the DB, and allows the end users to use it. This way, it doesn't
> matter if the non-admin users can read the program binary or the source
> You don't have to reinvent this wheel. MySQL already supports such a thing:
> If you want to put it somewhere other than one of the default locations, or
> name it something else, you can pass a ReadDefaultFileOption option object
> to Connection::set_option().
> MySQL++ Mailing List
> For list archives: http://lists.mysql.com/plusplus
> To unsubscribe: