devxlogo

SQL Application Security

SQL Application Security

Question:
Is there a “best” way to design VB/ASP apps to deal with SQL (7.0) security? For example, in a WAN environment and a Web application where the app needs to set up SQL users, somebody or some ActiveX component has to have SQL Server Administrator rights. Is there any way around this? Or do you have any suggestions on where to locate information on this subject?

Answer:
The facilities of Windows NT are superior to the database for controlling password length, password aging, and reuse, and other security elements that are better done in the OS rather than the server.

That said, it is possible to use the fixed server roles to control access&151;perhaps a new “bogus” administrator group with the appropriate denies in place would suit your situation.

See also  Comparing different methods of testing your Infrastructure-as-Code
devxblackblue

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist