Jump to content

  • Log In with Google      Sign In   
  • Create Account

#ActualSimonForsman

Posted 03 April 2013 - 02:26 AM

retrieving data is "secure" as long as you don't need to restrict in detail what data the client has access to. (having the client fetch for example a list of news directly from a SQL server is safe if the account used by the client is restricted to SELECTs on that specific table), it would probably be faster to use a cache layer between the SQL server and the client though.

 

Any semi-competent user will be able to retrieve the MySQL account used by the client and run their own queries with whatever permissions that account has, if you intend to use the SQL server to allow clients to modify and share the game state in a multiplayer game then no, it will be extremely insecure, and if the updates are frequent, very slow.


#2SimonForsman

Posted 03 April 2013 - 02:23 AM

retrieving data is "secure" as long as you don't need to restrict in detail what data the client has access to. (having the client fetch for example a list of news directly from a SQL server is safe if the account used by the client is restricted to SELECTs on that specific table), it would probably be faster to use a cache layer between the SQL server and the client though.

 

Any semi-competent user will be able to retrieve the MySQL account used by the client and run their own queries with whatever permissions that account has, if you intend to use the SQL server to allow clients to modify and share the game state in a multiplayer game then no, it will be extremely insecure, and if the updates are frequent, very slow.


#1SimonForsman

Posted 03 April 2013 - 02:22 AM

retrieving data is "secure" as long as you don't need to restrict what data the client has access to. (having the client fetch for example a list of news directly from a SQL server is safe if the account used by the client is restricted to SELECTs on that specific table), it would probably be faster to use a cache layer between the SQL server and the client though.

 

Any semi-competent user will be able to retrieve the MySQL account used by the client and run their own queries with whatever permissions that account has, if you intend to use the SQL server to allow clients to modify and share the game state in a multiplayer game then no, it will be extremely insecure, and if the updates are frequent, very slow.


PARTNERS