Database question

Kee Nethery kee at kagi.com
Mon Sep 2 15:27:01 EDT 2002 

>On 9/2/02 1:28 PM, "Tuviah M Snyder" <diskot123 at juno.com> wrote:
>
>>  Try prohosting (www.prohosting.com). They offer inexpensive mysql, php,
>>  and webhosting. You can access the mysql database remotely from any
>>  system, I use it myself to test mysql access.
>>
>>  Tuviah
>>  _______________________________________________
>>  use-revolution mailing list
>>  use-revolution at lists.runrev.com
>>  http://lists.runrev.com/mailman/listinfo/use-revolution
>
>Thank you Tuviah. It looks like I'll be switching my ISP for the second time
>this year. Just out of curiosity, is it feasible to set up MYSQL in such a
>way as to have it accessed by remote clients (like Rev) and having
>permissions granted for every client (thus according to some ISP's, opening
>doors to hackers), or was MYSQL designed more for being accessed locally?
>I'm just trying to figure out the workflow, whether the Rev client should
>access the data remotely or communicate with a local version of itself
>already on the server?

Your best bet is to build a secure tunnel from the ISP machine 
directly to your MySQL machine. I'm not technically knowledgeable to 
be able to tell you how to do this, but I can tell you that we use 
SSH between specific machines and sometime we use a VPN through 
firewalls when one set of machines needs to talk to another set of 
machines. The SSH tunnel should be transparent to the Rev to MySQL 
connection if it is set up correctly.

I know it can be done, we do it. If you can install a firewall at the 
ISP, a VPN (Virtual Private Network) between two firewalls is very 
easy to configure. If they will not allow extra hardware and or you 
do not want to use hardware, use the SSH tunnel.

The alternate solution is to use some encryption scheme such as 3DES 
or AES or Blowfish, etc and build an encryptor/decyptor that uses a 
private key. Then before you pass the data to MySQL, encrypt it, and 
when you catch the data at that machine, decrypt it, run it, then 
encrypt the results, etc. You could probably do that pretty easily 
with Rev on both ends. The Rev on the ISP server pretends to be MySQL 
and the Rev on the MySQL machine pretends to be the database client.

Kee Nethery

More information about the use-livecode mailing list