on 2012 Jan 13 8:16 AM
We're considering developing a new application for re-sale. Enquries with potential clients is positive but some have said that thier DBAs will need to administer the db.
How do I protect the IPR contained within the stored procedures? I don't mind them accessing the data but I wan't to protect the code.
Cheers,
Tim
See the help for the ALTER PROCEDURE .... SET HIDDEN syntax.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
... but a DBA could easily call DROP PROCEDURE or ALTER PROCEDURE BEGIN -- myCode replaces yourCode -- END...
(Do I sound paranoid? - Well, you asked a security question...)
So giving customers DBA authority will usually mean they generally are able to modify the database in ways that don't work with your app anymore.
Therefore, if you just want them to be able to do certain maintenance tasks like backup/validation, user managemenent, encapsulatung these facilities into stored procedures (with execute permissions for the customers) or into events might be better.
And in case they need to be able to add their own tables (but not to modify yours), RESOURCE authority would be an option.
I can't think of any way to deliver a script to CREATE or ALTER stored procedures in the customer's hands without revealing their contents... the CREATE or ALTER script itself must be in the clear, with the SET HIDDEN coming later to close the barn door after the cows have escaped. Also, a high-privilege connection is required to run the script, thus revealing a high-privilege user id and password. One solution is to only allow the vendor to run the script, another (which Foxhound uses) is to deliver a new *.db file and migrate the data from the old database... there are several other advantages to the latter approach.
As to the SET HIDDEN clause, you can do CREATE procedure with already hidden contents - that what I've pointed to in the FAQ. Nevertheless, the point about the connection with DBA (or at least RESOURCE) authority may still hold true - unless you have some special procedure (or particular app) that can be used by not so priviledged users to "read and apply a particular schema update file.
In the cited case, that particular connection was SQL Remote applying update scripts in passthough mode, with the Remote DBA authority ... so just a builtin security feature:)
Another way to distribute procedures/functions: if you do an "unload" of the schema, the hidden proc is extracted in enrypted form, ready for distribution without being visible. Here is the unload file for one of our hidden procs:
create procedure app_owner.GRANT_DB_ACCESS hidden'**&&*&$)...' go
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
...yes, as stated (somewhat hidden) in one of my comments on Glenn's answer and in this cited FAQ...
A truly "hidden" feature:)
In case the customer-site DBA primarily need to do maintenance tasks like backup/validation, you can
All these tasks do not need DBA authority.
In order to protect the source code of your database objects, use SET HIDDEN for all your views, procedures/functions, events and triggers, as Glenn has told.
Additionally, you may be able to restrict the access to system tables (i.e. "REVOKE SELECT on sysXyz from MyUsers" - though that is limited to some degree, AFAIK).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
71 | |
10 | |
8 | |
7 | |
7 | |
6 | |
6 | |
6 | |
6 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.