3 Replies Latest reply on Dec 20, 2011 9:03 AM by Sorbsbuster

    Security Concerns

    NaturSalus

      Title

      Security Concerns

      Post

      Hello,

      Since I realized that FM password security can be bypassed I got really concerned about the security of my FM-based projects.

      My main goal is to prevent the access to the database structure and the scripts.

      If I got it right, securiry in FM is implemented through Privilege Sets and User Accounts. However, since in the end the protection is based on Account Names and Passwords, and since both can be figured out, my question is: are there other ways to prevent unauthorized access to the database structure and the scripts?

       

      When creating an FM-based runtime application it is possible to delete the Admin access, but converting a project into a runtime application is like downgrading it. So, untill an FM-based runtime application has as many capabilities as a FM project, this is not  a valid option for me.

      Thanks,

      natursalus

        • 1. Re: Security Concerns
          Sorbsbuster

          How would you 'figure out' the Account Names and Passwords (any differently from any other application)?

          • 2. Re: Security Concerns
            NaturSalus

            Hello Sorbsbuster,

             

            How would you 'figure out' the Account Names and Passwords (any differently from any other application)?

            There are applications out there in the web that can do the job. But it happens with all pieces of software that use passwords to ensure security.

            Just to give you an example, all pdf files that are password protected can be unprotected very easily.

            I can't be more specific concerning FM because it is against the FM community and my own interests to name a piece of software that can disrupt many hours of hard work.

            To me it is very frustrating because I cannot protect neither my pdf files nor my FM files.

            So, there has to be some work around this vulnerability, to protect the database structure and scripts on an FM-based application.


            natursalus


            • 3. Re: Security Concerns
              Sorbsbuster

              I was only trying to make a comparison with other databases.  With enough effort almost anything can be hacked.