Slashdot Mirror

← Back to Stories (view on slashdot.org)

Keeping Customer From Accessing My Database?

Posted by kdawson on from the my-precioussss dept.

cyteen02 writes "We run a data processing and tracking system for a customer in the UK. We provide a simple Web site where the customer can display the tracking data held in our Oracle database. From these screens they can query based on a combination of 15 different data fields, so it's pretty flexible. We also provide a csv report overnight of the previous day's data processing, which they can load into their own SQL Server database and produce whatever reports they want. Occasionally they also want one-off specific detailed reports, so we write the SQL for that and send them the results in an Excel format spreadsheet. This all ticks along happily. However they have now asked for direct read-only access to our Oracle database, to be able to run ad-hoc queries without consulting us. As a DBA, my heart sinks at the thought of amateurs pawing through my database. Unfortunately, 'because you are stupid' is not considered a valid business reason to reject their request. So can any Slashdotters assist me in building my case to restrict access? Have you experienced a similar situation? Have you had to support this sort of end user access? How would you advice me to keep my customer away from my precious tables?"

2 of 567 comments (clear)

  1. Re:Why? by orzetto · · Score: 0, Redundant

    I am (not the only) responsible for a database-driven Web site for KDE translators to Italian. We use the database to keep track of statistics and generate some meaningful numbers such as what has a certain translator to do and how much work is left to the next release.

    According to my experience, read-only access cannot trash the data, but can trash the server. Once I tested a non-trivial query, and it seemed it would take forever to complete. So I Ctrl-C'ed and went away. Next thing I know, the admin contacts me a few hours later and tells me that the query was still running and brought the server (which is very graciously hosted by the Pisan LUG) to a halt. I would guess this is the main problem the original poster was thinking of.

    --
    Victims of 9/11: <3000. Traffic in the US: >30,000/y
  2. Re:A simple suggestion by v(*_*)vvvv · · Score: 0, Redundant

    Ya. Why give the keys to your house, when you can *copy* it and throw one up accross town. Sync it during off-hours.

    We are working with data here. Copying it is easy. Why spend money adding security to a door they do not need to access.