Pau Lo
asked on
foxpro files and access security
We are doing an internal risk assessment. We have found dbc/dbf files for a foxpro database stored on a windows share share whereby a large number of users have full NTFS permissions. My question is, what is the risk. Do you need foxpro software to be able to open the database? Or could you open the database using something else? It isnt sensitive data but it is important data, so curruption or amending records is a concern. are there any compensating secuity features that could protect direct access to the database records.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It needs an application change, but is a rather safe encryption.
It's not your main point about the data security, but it also makes it quite impossible to open DBFs with any DBF viewer or even VFP itself.
Also: In regard to NTFS file system access privileges, you don't need to give full permissions, read/write is enough for the normal case. If you PACK (that is a command to get rid of deleted records and shrink DBF files, often used as maintinance) users also need the right to delete files, though, as PACK creates a new one, copies over records not deleted, then deletes a DBF and renames the new ones. So you can't be sure, unless you know the sourcecode.
Bye, Olaf.