1984 (Big Brother)
in [General]
|
Prev: How to handle a submitted form with no changes -- bestpractices sought
Next: Counting Children!
From: "Bob McConnell" on 13 Sep 2010 09:43 From: tedd > At 9:10 AM -0400 9/13/10, Steve Staples wrote: >>here's a silly idea... >> >>put the database on his computer (or the entire app). that way, when >>he's *there* he is logged in. if the computer is off, he's not there, >>the app wont work (and the database). > > Silly or not, that *would* work. > > Now I have to figure out how to do that. This may be the only way to do it, but it shouldn't be too hard to figure out. If he turns off the computer every time he leaves his desk, it can be installed anywhere, even as a service. But if he leaves the computer on, it has to be on his desktop, probably with an entry in his Start directory to start it when he logs in. But he has to actually log out of the desktop to block access, not just leave it in the screen saver. Bob McConnell
From: "Bob McConnell" on 13 Sep 2010 09:46 From: tedd > At 11:55 PM -0400 9/12/10, Paul M Foster wrote: >> >>I hate to seem flippant, but here would be my conversation with this >>customer: >> >>Customer: "My employees got access to the database while I was gone >>yesterday!" >> >>Consultant: "Well, let's see. Oh, it appears you didn't properly log >>out." >> >>Customer: "Yes, but I was *gone*. They weren't supposed to be able to >>access the database unless I'm *here*." >> >>Consultant: "The only way we know that is if you log in and log out >>properly. Now, if you like, we can put a nanny-cam in your office, and >>whenever you're not there (like in the bathroom), the whole thing shuts >>down. That will cost $x. Your choice. We've been working on the >>mind-reading extension to PHP, but it's not finished yet." > > Customer: Thanks for your opinion. We'll be in touch. > > Customer to his secretary: Let's find someone who knows how to do this. Anybody that tells him it can be done is lying through their teeth and will just be stealing his money. He probably deserves what he gets in this case. Bob McConnell
From: viraj on 13 Sep 2010 11:56 hi tedd, if steve's idea is something doable.. why don't you consider setting up the mysql data dir on some removable media (thumb/flash drive)? so the boss can pull it off if he is going home. and it's easy to detect this in code and display a message to system users, something similar to that 'mysql server has gone away' message. (boss has gone away) :) ~viraj On Mon, Sep 13, 2010 at 7:13 PM, Bob McConnell <rvm(a)cbord.com> wrote: > From: tedd > >> At 9:10 AM -0400 9/13/10, Steve Staples wrote: >>>here's a silly idea... >>> >>>put the database on his computer (or the entire app). Â that way, when >>>he's *there* he is logged in. Â if the computer is off, he's not there, >>>the app wont work (and the database). >> >> Silly or not, that *would* work. >> >> Now I have to figure out how to do that. > > This may be the only way to do it, but it shouldn't be too hard to > figure out. If he turns off the computer every time he leaves his desk, > it can be installed anywhere, even as a service. But if he leaves the > computer on, it has to be on his desktop, probably with an entry in his > Start directory to start it when he logs in. But he has to actually log > out of the desktop to block access, not just leave it in the screen > saver. > > Bob McConnell > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
From: Marc Guay on 13 Sep 2010 12:39 > if steve's idea is something doable.. why don't you consider setting > up the mysql data dir on some removable media (thumb/flash drive)? It seems to me that almost no matter what method you choose, you're going to have to ask the client to do something manually - whether that's logging out of the website, shutting down his computer, removing a thumb drive, or whatever - so you might as well be upfront about that and see how he responds. Provide the different options and get them to choose one, at some point they'll need to take a bit of personal responsibility for the management of this paranoid system. Marc
From: tedd on 13 Sep 2010 12:47
At 12:39 PM -0400 9/13/10, Marc Guay wrote: > > if steve's idea is something doable.. why don't you consider setting >> up the mysql data dir on some removable media (thumb/flash drive)? > >It seems to me that almost no matter what method you choose, you're >going to have to ask the client to do something manually - whether >that's logging out of the website, shutting down his computer, >removing a thumb drive, or whatever - so you might as well be upfront >about that and see how he responds. Provide the different options and >get them to choose one, at some point they'll need to take a bit of >personal responsibility for the management of this paranoid system. > >Marc Marc: What everyone has suggested, I have done. But the decision remains the client's. When I get rich enough to hire myself, then I'll tell myself what to do. Until then, I'm just a worker bee and follow the hive. Cheers, tedd -- ------- http://sperling.com/ |