Best practices for protecting a production database when using Entity Framework

I have been helping a small to medium-sized business implement a new CRM using Entity Framework Core for SQL Server. They are very protective of their SQL database, to the point where they refuse to grant permissions on most of the tables and only grant some permissions on some columns (this is how they have worked in the past, using views to do all data operations).

I have argued the case for giving Entity Framework permissions, but have been refused on the grounds that large enterprises would under no circumstances have credentials that have full access to the live database.

What are the best practices for database access when releasing to a production environment? Do major organizations normally have a username and password that has full control over both the data and also the schema for migrations, or is there a correct approach to limit the access that the ORM has?

I agree with Dan. There's not much point in using EF if you're creating stored procedures for all CRUD operations. For any sizable system, that's a lot of procedures. I rewrote some older code, moving from all stored procedures to EF Core, giving EF full read/write access. Stored procedures are easier in that you know absolutely everything going on in the database. No surprises. But there is a lot of code to write and maintain. EF Core lets you focus on using the data, without having to write much SQL code. The way I see it, the previous system still had complete data access. It had to, or it couldn't manage the data. It was just broken up into hundreds of stored procedures instead of a single data context. In the end, I didn't see EF Core's privileges as much of an additional security risk. If the idea is that the complexity of the procedures kept it from being attacked, I think that's a weak argument. Once an attacker has system access, one might presume they can figure out the rest.
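The split the question asks about (a deployment identity that may change the schema, kept separate from a restricted runtime identity for the ORM), as an added example that is not part of the question or the answer above. It is T-SQL for SQL Server; every name in it (schema crm, table crm.Customer, column TaxId, principals crm_app and crm_migrator, role crm_runtime) is an assumption made for the example, and the sample table is constructed so the script runs stand-alone.

```sql
-- Added example (not from the question or the answer): a least-privilege split on SQL Server
-- for an EF Core application. One identity runs the application and can only read/write rows
-- in one schema; a second identity applies migrations from the release pipeline and is never
-- put in the application's connection string. Every name below (schema crm, table
-- crm.Customer, column TaxId, principals crm_app and crm_migrator) is an assumption made
-- for this example. GO is the sqlcmd/SSMS batch separator.

-- Constructed sample schema so the script runs stand-alone.
CREATE SCHEMA crm AUTHORIZATION dbo;
GO
CREATE TABLE crm.Customer (
    CustomerId int IDENTITY(1,1) PRIMARY KEY,
    Name       nvarchar(200) NOT NULL,
    TaxId      nvarchar(20)  NULL      -- the column the business does not want the app to read
);
GO

-- 1. Runtime identity: the one that goes in the EF Core connection string.
CREATE LOGIN crm_app WITH PASSWORD = 'ReplaceWithVaultManagedSecret1!';
CREATE USER crm_app FOR LOGIN crm_app;
CREATE ROLE crm_runtime;
ALTER ROLE crm_runtime ADD MEMBER crm_app;

-- DML only, scoped to the application schema. No DDL and nothing in other schemas,
-- so a compromised application cannot add columns, drop tables or touch dbo.
GRANT SELECT, INSERT, UPDATE, DELETE ON SCHEMA::crm TO crm_runtime;

-- Column-level restriction in the style the business already uses. The column DENY
-- overrides the schema-level GRANT for this column, so the EF model must leave TaxId
-- unmapped; otherwise every query that loads a Customer fails.
DENY SELECT ON OBJECT::crm.Customer (TaxId) TO crm_runtime;
GO

-- 2. Deployment identity: used only by the pipeline that runs migrations.
CREATE LOGIN crm_migrator WITH PASSWORD = 'ReplaceWithVaultManagedSecret2!';
CREATE USER crm_migrator FOR LOGIN crm_migrator;
ALTER ROLE db_ddladmin ADD MEMBER crm_migrator;                       -- CREATE/ALTER/DROP
GRANT SELECT, INSERT, UPDATE, DELETE ON SCHEMA::crm TO crm_migrator;  -- data migrations and the
                                                                      -- migrations history table,
                                                                      -- once EF keeps it in crm
GO

-- 3. Verify the runtime boundary without triggering errors: HAS_PERMS_BY_NAME returns the
-- effective permission of the impersonated principal. Expected row: 1, 0, 1, 0.
EXECUTE AS USER = 'crm_app';
SELECT HAS_PERMS_BY_NAME('crm.Customer', 'OBJECT', 'SELECT', 'Name',  'COLUMN') AS can_read_name,
       HAS_PERMS_BY_NAME('crm.Customer', 'OBJECT', 'SELECT', 'TaxId', 'COLUMN') AS can_read_taxid,
       HAS_PERMS_BY_NAME('crm',          'SCHEMA', 'INSERT')                    AS can_insert_crm,
       HAS_PERMS_BY_NAME('crm.Customer', 'OBJECT', 'ALTER')                     AS can_alter_customer;
REVERT;
```

On the application side this pairs with three EF Core settings: keep the migrations history table inside the granted schema with `options.UseSqlServer(connectionString, sql => sql.MigrationsHistoryTable("__EFMigrationsHistory", "crm"))`, exclude the denied column from the model (`[NotMapped]` on the property, or `modelBuilder.Entity<Customer>().Ignore(c => c.TaxId)`), and never call `Database.Migrate()` from the running application. Migrations are instead exported with `dotnet ef migrations script --idempotent`, which gives the DBAs a plain SQL file to review, and that file is applied as crm_migrator by the release pipeline. The runtime credential then has no path to the schema at all, which is the property the business is asking for, whether or not the data access is implemented with EF or with stored procedures.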

Notice: the technical posts on this site are licensed under CC BY-SA 4.0; if you republish them, please credit this site or the original source. Questions: yoyou2525@163.com.
