Reputation: 3558
I'd like to ask: is making a connection to MySQL in the code of a client-side application (desktop application) proper? Isn't it unsafe (disassembling of the app / sniffing to get the database password)? I am writing in C++.
Upvotes: 1
Views: 152
Reputation:
It is potentially unsafe, both for the reasons included in the question and because each client will then have direct connectivity to the database. It may also produce a much higher volume of network traffic than if the application server was communicating with the database server.
Upvotes: 1
Reputation: 39807
If the security of your data is important, then you're correct -- you cannot safely embed the password inside your client. Your best bet is that each user has their own password and they must provide it to the client in order to access your database, and your database will have user-level permissions.
If user level permissions are not an option for you, then you should consider removing direct access to the database completely. Instead, provide web access to deliver JSON or XML (for example); this simplifies your client app and also allows you to enforce strict security rules at the web app level.
Upvotes: 1
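
The per-user accounts with user-level permissions suggested in the answer above, sketched for MySQL 8.0 as an added example that is not part of any post on this page. The schema `appdb`, table `orders`, view `my_orders`, role `app_client`, account `alice` and the password placeholder are all assumptions made for illustration.

```sql
-- Added example; every name below (appdb, orders, my_orders, app_client,
-- alice) is hypothetical. Run as an administrative account.
CREATE DATABASE IF NOT EXISTS appdb;

CREATE TABLE IF NOT EXISTS appdb.orders (
    id    INT AUTO_INCREMENT PRIMARY KEY,
    owner VARCHAR(32)  NOT NULL,  -- MySQL account name that owns the row
    item  VARCHAR(100) NOT NULL
);

-- Clients never touch the base table. The view runs with the definer's
-- privileges but filters on USER(), the account the client session
-- authenticated as (CURRENT_USER() inside a definer view is the definer).
-- SUBSTRING_INDEX strips the '@host' part of 'name@host'.
CREATE OR REPLACE SQL SECURITY DEFINER VIEW appdb.my_orders AS
    SELECT id, item
    FROM appdb.orders
    WHERE owner = SUBSTRING_INDEX(USER(), '@', 1);

-- One role carries the minimum the desktop client needs: read-only
-- access to the filtered view and nothing else.
CREATE ROLE IF NOT EXISTS app_client;
GRANT SELECT ON appdb.my_orders TO app_client;

-- One account per person; the password is typed by the user at login
-- and is never compiled into the C++ binary. REQUIRE SSL rejects
-- unencrypted connections, which addresses the sniffing concern.
CREATE USER IF NOT EXISTS 'alice'@'%'
    IDENTIFIED BY '<per-user-password>'
    REQUIRE SSL;
GRANT app_client TO 'alice'@'%';
SET DEFAULT ROLE app_client TO 'alice'@'%';

-- Review what a compromised client could do with this account.
SHOW GRANTS FOR 'alice'@'%' USING app_client;
```

With this layout, credentials recovered from one client expose only that user's rows through the view, and revoking access is a single `DROP USER` rather than a rebuild of the application.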