On Thu, Mar 8, 2012 at 5:24 PM, Lamar Owen <lowen@pari.edu> wrote:
(18) No, our control protocol doesn't have authentication, it's up to the network to keep undesired users out. (I won't say what this software is, but suffice to say the package in which it was a part cost over $250,000).
Ten years ago there was a database this was true of: Filemaker. It was designed to reside on a Windows network share but the files could be placed on a Linux server instead. If you chose option 2, you got a custom protocol presenting the database as an array of bytes consisting of the entire raw database file. Logging in meant that the Windows app read the file header, jumped to the user/password section, read the users and passwords and compared with the one you supplied. The TCP-based protocol requested no authentication: it received only a byte offset and length in the raw file.

A colleague and I were asked to install an ISP billing system (!!) built on top of this database. On objection, the ISP's owner insisted. I understood where he was coming from: he was a technical guy who built the then-existing system with scripting and an old DOS-based database which he alone could operate, requiring him to spend gobs of his time on the repetitive and thankless task of processing payments month after month after month after month. He damn well wanted a replacement and didn't much care what. Still...

We ended up stuffing the billing app onto a Windows Terminal Server, rigging the server to run that app as the shell, and isolating the DB machine behind it. Office users connected to the virtual server rather than running the app locally.

The web portal for the billing app was fun too: it had the standard stupidity where you change the sequential customer userid number in the URL and got the next user's data without having to authenticate as that user. We solved that one with a front end which handled auth and re-wrote the customer request to the heavily firewalled web portal.

As I recall, we named the DB machine "HeartOfGold" because (A) it contained all the customers' financial data and (B) there was something improbable and more than a little crazy about how it came to house the billing system.

Regards,
Bill Herrin

--
William D. Herrin ................ herrin@dirtside.com  bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
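
The front-end fix described in the message above, sketched as an added example that is not part of the original post or the system it describes: the front end authenticates the session, discards whatever `userid` the client sent, and forwards the id bound to the session instead. The upstream host, the `userid` parameter name, the token format and all helper names are assumptions for illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode, urlsplit

# Assumed names: the post does not describe the real portal's URL layout.
UPSTREAM = "http://portal.internal.example"  # placeholder for the firewalled portal
SECRET = b"constructed-demo-key"             # constructed; use a managed secret in practice


def _mac(body: str) -> str:
    return hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()


def issue_session(customer_id: int) -> str:
    """After a successful login, bind the customer id into a signed token."""
    body = str(customer_id)
    return f"{body}.{_mac(body)}"


def customer_from_session(token: str):
    """Return the authenticated customer id, or None if the token is invalid."""
    body, _, mac = (token or "").partition(".")
    if not (body.isascii() and body.isdigit()):
        return None
    if not hmac.compare_digest(mac.encode(), _mac(body).encode()):
        return None
    return int(body)


def rewrite_request(url: str, session_token: str):
    """Return (status, upstream_url); the client's userid is never forwarded."""
    customer_id = customer_from_session(session_token)
    if customer_id is None:
        return 401, None
    parts = urlsplit(url)
    # Drop every client-supplied userid (any case, including duplicates).
    params = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
              if k.lower() != "userid"]
    # The only userid the portal ever sees is the one tied to the session.
    params.append(("userid", str(customer_id)))
    return 200, f"{UPSTREAM}{parts.path}?{urlencode(params)}"
```

This only holds if the portal accepts connections from the front end alone, which is the role the firewalling plays in the message.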