Very Computer

by **Steven G. Listop** » Thu, 12 Mar 1998 04:00:00

All,

I am going to deploy a SQL Server-based application overseas. The question of
a "run-time only" version of SQL Server has come up. I don't have any

experience with "run-time only" versions of software. It was explained to me
that, for example, Access has this feature. It allows you to deploy the
database, but restricts users from being able to change things (I suppose
administrator-type things, like table columns, etc.) in the database. Use of
the database isn't restricted, however.

My situation is that I really don't want users to be able to modify my
SQL database, as this would make maintenance extremely difficult.

Does this ring a bell with anyone? Is it possible? Impossible? Maybe
even a silly question, since Access isn't on the same "level" as SQL
Server? Maybe there MUST be a local administrator (assuming that *I* am
not going to administer the server), and that this person MUST be trusted to
keep undesired changes from happening. I was just hoping to be able to
provide a more or less "shrink-wrapped" application that remote persons
couldn't alter. This may be impossible with SQL Server.

Any thoughts would be appreciated.

Thanks!

Steve Listopad

by **Randy Charles Mori** » Sat, 14 Mar 1998 04:00:00

SQL Server unlike Access does not have a run-time only version. You can
use ms-SQL Server's built in security to fix this. But ms-SQL Server 6.5
is so buggy that doing such will almost garantee headaches for your clients
and big-time support for you.
Hope I've helped.
--

MiddleWorld SoftWare - http://web2.ica.net/middleworld
--------------------------------------------------
He went out of his way to be good.

> All,

> I am going to deploy a SQL Server-based application overseas. The
question of
> a "run-time only" version of SQL Server has come up. I don't have any

> experience with "run-time only" versions of software. It was explained
to me
> that, for example, Access has this feature. It allows you to deploy the
> database, but restricts users from being able to change things (I suppose
> administrator-type things, like table columns, etc.) in the database.
Use of
> the database isn't restricted, however.

> My situation is that I really don't want users to be able to modify my
> SQL database, as this would make maintenance extremely difficult.

> Does this ring a bell with anyone? Is it possible? Impossible? Maybe
> even a silly question, since Access isn't on the same "level" as SQL
> Server? Maybe there MUST be a local administrator (assuming that *I* am
> not going to administer the server), and that this person MUST be trusted
to
> keep undesired changes from happening. I was just hoping to be able to
> provide a more or less "shrink-wrapped" application that remote persons
> couldn't alter. This may be impossible with SQL Server.

> Any thoughts would be appreciated.

> Thanks!

> Steve Listopad

by **Ben McEw** » Sat, 14 Mar 1998 04:00:00

says...

Quote:> I am going to deploy a SQL Server-based application overseas. The question of
> a "run-time only" version of SQL Server has come up. I don't have any

No, this feature does not exist. The only protection you have is to use
encryption on your procs, views, and triggers, so somebody can't
sp_helptext them. IMHO, this should only be done if you're genuinely
worried about somebody stealing your SQL code. It makes administration
harder, not easier.

Quote:> Does this ring a bell with anyone? Is it possible? Impossible?
> Maybe there MUST be a local administrator (assuming that *I* am
> not going to administer the server), and that this person MUST be trusted to
> keep undesired changes from happening.

You got it. It's the same problem people have faced with network apps.
What if the network admin deletes thus-and-such a file? That would break
everything! Unfortunately, there's a certain level of trust you need to
have that your customer is not a total nutcase and will make bizarre
changes. You need to keep the sa user account to do maintenance
activities. (SQL Server does not allow you to delete sa, like Sybase
does.) I'd never recommend that you install a SQL Server somewhere
without somebody being able to run DBCC stuff in case there's a problem.

Quote:> I was just hoping to be able to
> provide a more or less "shrink-wrapped" application that remote persons
> couldn't alter. This may be impossible with SQL Server.

Shrink wrap is all well and good on a client app. But the backend stuff
should be kept as open as possible. Your more advanced users will thank
you for it.

--
Ben McEwan, President, Geist, LLC

by **Steven G. Listop** » Sat, 14 Mar 1998 04:00:00

>No, this feature does not exist. The only protection you have is to use
>encryption on your procs, views, and triggers, so somebody can't
>sp_helptext them. IMHO, this should only be done if you're genuinely
>worried about somebody stealing your SQL code. It makes administration
>harder, not easier.
>--
>Ben McEwan, President, Geist, LLC

Ben,

Thanks for the input (Randy - thank you, too; I sent you an email response).

It looks like I'll have to trust those who do the administration.

Steve

Very Computer

Does this feature exist?

Does this feature exist?

Does this feature exist?

Does this feature exist?

Does this feature exist?