Re: Modifying SQL query for security?? What is your opinion?

mc wrote:
>
 

> If you're talking Sybase, it is a relatively simple matter to
> write a pass-through open server. This means that all programs
> would think they're referencing a Sybase server but would be
> going through your Open Server program instead. The Open Server
> would simply take any input given, parse and manipulate it
> (add your security stuff), pass it on to the real Sybase Server
> and then pass the results back. The interface for all programs
> remain the same. Isql would still work, ODBC connections, whatever.
> This is basically the kind of thing Sybase Open Server is ideal for.
>

Thanks for the advice! I have received other answers too and all told me, the implementation of this kind of solution is too expensive to implement.
Then, you are the first one who think about it positively! Since, we are using Sybase, Ingres and Oracle your proposal can be really interesting!
I will send an e-mail to the other people who was interested about this topic, and direct them into comp.security.unix group. I think, we can have an interesting discussion.
Furthermore, I will send a bit tetailed explanation of my problem.

Thanks,

L.S. Received on Thu Nov 21 1996 - 00:00:00 CET