3
A doubt, I have some functions and procedures customized and I do not want my client (who has access to the bank) to be messing with their script. Does anyone know any native MSSQL way of encrypting these codes ?
1 answer
2
If you need something you handed the client to be secret, you’ve already lost this game of cat and mouse. In fact you were already defeated before the game even started.
The very article mentioned in the comments shows how trivial it is to decrypt functions and procedures encrypted with WITH_ENCRYPTION. And with write access in the bank, your client can edit the logic at will. If he’s not worried about keeping his logic, he doesn’t even need to decrypt his own, just overwrite it with a new logic without even reading the old one.
Someone might suggest that if you want to keep your bank logic intact, you can keep the queries in the application. Besides being less performatic than having functions and procedures in the bank, there is no source code that cannot be decompiled, then we end up back at square one.
If you don’t want your logic to be read or changed, the only way is to sell service instead of code. Keep the application and the database on a server that only you have access to. Any other solution you are offered is snake oil.
Browser other questions tagged sql sql-server
You are not signed in. Login or sign up in order to post.
see if it helps, https://www.mssqltips.com/sqlservertip/2964/encrypting-and-decrypting-sql-server-stored-procedures-views-and-userdefined-functions/
– Marco Souza
Thanks @Marconciliosouza, helped, why using the
WITH ENCRYPTIONalready helps me in what I need and inhibits any curious client from changing the script.– Ricardo Souza
Your question is quite redundant if your client has access to the database.
– Lacobus
Hello @Lacobus, it is not redundant, and the link sent by Marconciliosouza has already helped me in my questioning.
– Ricardo Souza