Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
dev45
Yak Posting Veteran
54 Posts |
 Posted - 2005-03-17 : 08:59:07
|
| Hello all,I wonder if there is a way to hide the code of a stored procedure so that the administrator of the database will not be able to see it. I noticed the "create procedure with encryption" command which doesn't allow for the code to be reviewed. Is there a drawback in this method (or a way around it)? Is it possible to code it in a .dll or assembly for example? (I know there is a way of doing it -coding it in an assembly) when using visual studio 2005 and sql server 2005... but i am currently using vs 2003 and sql server2000thx in advancetheodore |
|
|
mfemenel
Professor Frink
1421 Posts |
Posted - 2005-03-17 : 09:01:38
|
| Well, I'm concerned you'd want to hide the stored procedure code from the administrator. Why would you want to put a blindfold on the person who is responsible for keeping your database alive?Mike"oh, that monkey is going to pay" |
 |
|
|
dev45
Yak Posting Veteran
54 Posts |
Posted - 2005-03-17 : 09:05:56
|
| yeap,nice question.. we better ask my boss;-)my guess is that a few stored procedures might perform business logic that is property of our company and we don't want anyone else to see how it is perfomed... but they SPs have to be there so that the program performs ok;-) |
|
|
|
Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)
7020 Posts |
Posted - 2005-03-17 : 09:43:56
|
| SQL Server encryption works, but there are free programs available that can decrypt an encrypted stored procedure quickly, so it is not a high degree of security:dSQLSRVD - dOMNAR's SQL Server SysComments Decryptor:http://www.geocities.com/d0mn4r/dSQLSRVD.htmlThere are also SQL Server commercial add-ons that encrypt them with very strong encryption. I have used SQL Shield, but I am not a security expert, so I cannot say if it is really secure. Be careful if you use it, since they claim there is no way to recover the stored proc text, so you must store a copy of the proc outside the database.http://www.sql-shield.com/CODO ERGO SUM |
|
|
|
|
|
|
hide stored procedures code