tags:

views:

27

answers:

1
Q: 

Securing ASP.Net user database

Hi,

I'm working on the web app which will be hosted on the client's server.

There are various restrictions/security measures in place and I'm concerned that these can be "hacked" because the client will have a direct access to the ASP.Net user database through the SSMS.

I can think of few ways to stop the user from doing this, but I'm interested to find out whether there are any specifc standards that I should follow?

Thank you

+1  A: 

If the client has direct administrative access to the database, there's not much you can do. If these are the client's login details - why is this then a problem?

Paddy  2010-05-24 11:23:39
For example client is limited to 50 users, or client shouldn't have an an ability to log in as a SuperUser into the application.
vikp  2010-05-24 12:19:14
@vikp - this should probably be something you write into your code if you don't want the clients to exceed it. As for the super user thing - you're selling them the software, they should be able to use it as they please (but can possibly be advised against doing).
Paddy  2010-05-24 13:01:34
Thank you for the reply.
vikp  2010-05-24 13:14:01

related questions

User Control Public Shared Variables in ASP.NET 1.1 Not Working As Expected
Best place to save user information xp and vista
Training Users In Security
User Groups Management Implemenation for Desktop Application Question (C#) ?
iPhone application : is-it possible to use a "double" slider to select a price range
Getting multiple UI threads in Windows Forms
How do you store/share online your personal documents ?
Using windows authentication to log on to site using c#
What is the best way to add users to multiple groups in a database?
Unix Proc Directory
Have you ever faced an ethical issue when creating an application?
PostgreSQL 8.3 privileges not updated - wrong usage?
Hierarchical Group Permissions Theory/Resources?
Beta Test Guidelines / Agreement
Getting user photo from SPUser using WSS Object model
Do you know a service like uservoice.com for bug reports?
Multiple permission types (roles) stored in database as single decimal
Best Way to Unit Test a Website With Multiple User Types with PHPUnit
Average User Download Speeds
Passing switches to Xcode 3.1 user scripts
How do I add a user in Ubuntu?
Enumerate Windows user group members on remote system using c#
Should menu items always be enabled? And how do you tell the user?
What do you look for from a User Group?
How to make subdomain user accounts in a webapp