| Author |
Topic |
|
sql777
Constraint Violating Yak Guru
314 Posts |
 Posted - 2004-10-08 : 07:39:30
|
| Hi,i want to hide my sql script from users, how can I do this?I have seen some software that when you click on a stored proc in EM you can't see the script. what products are out there?2ndly, if someone simply runs a sql trace, can't they see what's beign executed on the sqlserver anyhow? |
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2004-10-08 : 08:03:17
|
| You can CREATE PROCEDURE myProc WITH ENCRYPTION, this will encrypt the code in SQL Server and it will not be visible to anyone use EM or QA. Two things though:1. MAKE SURE you have a copy of your procedure in an unencrypted form, preferably in a source control system. Don't encrypt it until you do this.2. SQL Server's default encryption is fairly weak and can be broken if someone is determined to do so.I don't know of any 3rd party procedure encrypting tools out there (there are some for encrypting data though), but Google should find them for you. As far as running a trace, if the procedure is encrypted the code will not be shown. I don't know how this would work with a 3rd party encryption tool though.BTW, why do so many of your end users have Enterprise Manager? What do they need it for? If they're not admins, they don't need it. |
 |
|
|
Seventhnight
Master Smack Fu Yak Hacker
2878 Posts |
Posted - 2004-10-08 : 08:04:56
|
from BOLCREATE PROC [ EDURE ] procedure_name [ ; number ] [ { @parameter data_type } [ VARYING ] [ = default ] [ OUTPUT ] ] [ ,...n ] [ WITH { RECOMPILE | ENCRYPTION | RECOMPILE , ENCRYPTION } ] [ FOR REPLICATION ] AS sql_statement [ ...n ] Corey |
|
|
|
sql777
Constraint Violating Yak Guru
314 Posts |
Posted - 2004-10-08 : 08:10:09
|
| its not an inhouse thing, so i have no control over their access...wow so its pretty easy! |
|
|
|
sql777
Constraint Violating Yak Guru
314 Posts |
Posted - 2004-10-08 : 08:11:34
|
| what would be cool is if somehow you could have a debug version of your SQL Scripts, and a 'Release' version that has the WITH ENCRYPTION in all scripts...oh well! |
|
|
|
Merkin
Funky Drop Bear Fearing SQL Dude!
4970 Posts |
Posted - 2004-10-08 : 08:16:41
|
| What you SHOULD be doing is keeping your scripts in files, in source control. WHen you make a change, make it to the script, save it, run it and commit the change.Damian |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2004-10-11 : 06:26:38
|
| "'Release' version that has the WITH ENCRYPTION in all scripts"We put /* WITH ENCRYPTION */ in all our SProc source code and then just globally change to replace/* WITH ENCRYPTION */withWITH ENCRYPTIONbut you do need to have some sort of centralised source control in order to do this!By the by, the SQL Encryption is pants. I had read that SQL2K was significantly stronger than its predecessors, but a client recently lost the password to one of their own SProcs that had been encrypted and I had reason to get one of the Happy Hacker scripts off the internet and I was appalled at how simple the encryption was.So I'm now considering stripping all comments from our SProcs, on release, and may be some other "obfuscation" techniques. What a waste of my good time ...Kristen |
|
|
|
dave
Starting Member
15 Posts |
Posted - 2004-10-27 : 21:33:06
|
| The encryption is pathetic and there are quite a few very simple tools out there that will unencrypt them way too easily.Using "WITH ENCRYTPION" gives you false feeling of security. |
|
|
|
jen
Master Smack Fu Yak Hacker
4110 Posts |
Posted - 2004-10-27 : 21:42:16
|
after reading kristen's post, it was pretty much disappointing, coz i thought hey, here's a nice tool. but then after searching google, i found this script that just removes the 'with encryption' clause without much effort.i'm still hoping microsoft can strengthen this feature. right now, i'm 'redesigning' the admin sprocs i use.<sigh>  --------------------keeping it simple... |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2004-10-27 : 22:45:07
|
| Anyone come across a "compression" tool for SProcs that strips comments etc?I don't feel like I should be included those on SProcs marked "WITH ENCRYPTION" :)Kristen |
|
|
|
|
sql script encryption