Security Basics mailing list archives

Re: security against dba?s

From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Thu, 12 Feb 2009 23:32:21 +0100

On 2009-02-12 Nick Vaernhoej wrote:

I am curious about the repeated argument "if you don't trust your
DBA's, hire/promote someone you can trust".
Is that a common perception?
I am personally of the belief that no one is to be trusted and my
system designs should be reflecting this.


How would you protect any system from its administrator?

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

Current thread:

Re: security against dba´s rohnskii (Feb 11)
- <Possible follow-ups>
- Re: security against dba´s dan . crowley (Feb 11)
  - Re: security against dbaÂ´s Andre Rodrigues (Feb 12)
- Re: security against dba´s rohnskii (Feb 11)
  - RE: security against dbaÂ´s Nick Vaernhoej (Feb 12)
    - RE: security against dbaÂ´s Scott Richardson (Feb 12)
    - RE: security against dbaÂ´s Nick Vaernhoej (Feb 12)
    - Re: security against dba?s Ansgar Wiechers (Feb 12)
    - Re: security against dba?s Ray Van Dolson (Feb 12)
    - Message not available
    - Re: security against dba?s Ray Van Dolson (Feb 13)
    - RE: security against dba?s Nick Vaernhoej (Feb 13)
  - Re: security against dbaÂ´s Andre Rodrigues (Feb 12)
    - Re: security against dbaÂ´s Adam Pal (Feb 12)
    - Re: security against dbaÂ´s Andre Rodrigues (Feb 12)
- Re: security against dba´s rohnskii (Feb 12)
  - Re: security against dbaÅ½s Ansgar Wiechers (Feb 12)
    - Re[2]: security against dbaÅ½s Adam Pal (Feb 13)
    - Re: security against dbaÅ½s Ansgar Wiechers (Feb 13)