ccement@rivm.UUCP (Martien F v Steenbergen) (01/07/88)
We are running Informix under Unix System V.2 and Uniq System V.3. The question is how to protect databases from uncontrolled modification. I.e. in a controlled environment, created by a group of developers from some department, a user (from another department) is allowed to query and update the database. The database developers set up forms and rules which guarantee the integrity and consistency of the database. At the same time, in the user's own (uncontrolled) environment, we would like to allow that user to only query the database, but not modify it. Using Informix this is a problem since programs that access the database have setuid root when necessary (sqlexec, sperform), thereby allowing (smart) users to modify the database. What can be done about this security problem? (There must be something that has the same power as SQL but prevents modifying the database!?) Martien. ________________________________________________________________ Martien F. van Steenbergen National Institute of Public Health and Environmental Protection dept. RIVM/CCE PO Box 1 3720 BA Bilthoven The Netherlands tel: (31) 30 742819 email: ...!mcvax!rivm!martien ________________________________________________________________