| Database Code |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| • | Connection typically unencrypted |
||||||||||||
| – | Use
VPN / ssh tunnel |
||||||||||||
| • | Database data unencrypted or trivially |
||||||||||||
| encrypted |
|||||||||||||
| – | Consider
backups |
||||||||||||
| – | Validate
file access permissions |
||||||||||||
| • | Client
can not be trusted |
||||||||||||
| – | Should
not perform authentication |
||||||||||||
| – | Should
only perform advisory validation |
||||||||||||