0

I'm new to databases and It's been almost a month I'm working with databases (mostly with MongoDB which is a NoSQL database and I'm loving it :D)

What I am wondering is the security risks you take when you do a direct access to database from let's say a native iOS app.

I know a popular way to this is web service though.

Thanks,

Peyman

Peyman
  • 3,059
  • 1
  • 33
  • 68
  • Please see http://stackoverflow.com/questions/21080067/should-i-access-mongodb-directly/21275918 for some more detailed answers. – Simon Pickup Nov 11 '16 at 17:05

2 Answers2

1

I think there're 2 risks obviously:

  1. sql injection.

  2. How to deal with the db password. Just put the plain text in your config or connection strings?

Anderson
  • 2,496
  • 1
  • 27
  • 41
  • Aha that hardcoding password somewhere in the code made me ask this question. I am right now working with Web Service...not sure if it's the best way though. – Peyman Jul 21 '13 at 04:34
1

+1 on password protection or connection strings. Not to mention that your firewall would have to allow every ip through on your database port. People use web services for a reason...in my opinion, don't even consider this an option

tier1
  • 6,303
  • 6
  • 44
  • 75