P5-dbix-safe
Jul 20, 2023
Safer access to your database through a DBI database handle
The purpose of DBIx::Safe is to give an application controlled, limited access to a database, rather than simply passing it a raw DBI database handle. DBIx::Safe acts as a wrapper around the database handle and only lets through the commands you tell it to. It filters everything related to the handle: methods and attributes.
The typical usage is for your application to create a database handle via a normal DBI call to new, then pass that to DBIx::Safe->new, which returns a DBIx::Safe object. After specifying exactly what is and what is not allowed, you can pass the object to the untrusted application. The object acts very much like a DBI database handle, and in most cases can be used interchangeably.
By default, nothing is allowed to run at all. There are many things you can control. You can specify which SQL commands are allowed, by indicating the first word in the SQL statement, e.g. ‘SELECT’. You can specify which database methods are allowed to run, e.g. ‘ping’. You can specify a regular expression that allows matching SQL statements to run, e.g. ‘qr{SET TIMEZONE}’. You can specify a regular expression that is NOT allowed to run, e.g. ‘qr{UPDATE xxx}’. Finally, you can indicate which database attributes are allowed to be read and changed, e.g. ‘PrintError’. For all of the above, there are matching methods to remove them as well.
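The default-deny model described above, as an added sketch in Python over sqlite3; it is not DBIx::Safe's code or API. The class name `SafeHandle`, its method names and the rule that a deny pattern overrides every allow rule are assumptions made for the illustration, and attribute filtering is left out.

```python
import re
import sqlite3


class SafeHandle:
    """Hypothetical default-deny wrapper around a DB-API connection."""

    def __init__(self, conn):
        self._conn = conn
        self._commands = set()   # allowed first words of a statement
        self._methods = set()    # allowed connection methods
        self._allow_re = []      # statements matching any of these may run
        self._deny_re = []       # statements matching any of these never run

    def allow_command(self, *words):
        self._commands.update(w.upper() for w in words)

    def allow_method(self, *names):
        self._methods.update(names)

    def allow_regex(self, pattern):
        self._allow_re.append(re.compile(pattern, re.IGNORECASE))

    def deny_regex(self, pattern):
        self._deny_re.append(re.compile(pattern, re.IGNORECASE))

    def permitted(self, sql):
        # Assumption of this sketch: a deny pattern overrides every allow rule.
        if any(r.search(sql) for r in self._deny_re):
            return False
        words = sql.split()
        first = words[0].upper() if words else ""
        return first in self._commands or any(r.search(sql) for r in self._allow_re)

    def execute(self, sql, params=()):
        if not self.permitted(sql):
            raise PermissionError("statement not allowed")
        return self._conn.execute(sql, params)

    def call(self, name, *args):
        # Methods are filtered the same way: unknown names are refused.
        if name not in self._methods:
            raise PermissionError("method not allowed: " + name)
        return getattr(self._conn, name)(*args)


if __name__ == "__main__":
    safe = SafeHandle(sqlite3.connect(":memory:"))  # constructed in-memory database
    print(safe.permitted("SELECT 1"))               # nothing is allowed yet
    safe.allow_command("SELECT")
    print(safe.execute("SELECT 1").fetchone())
```

A first-word or regex filter only narrows what a handle will pass along; the database role behind the handle should still hold the minimum privileges the application needs.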