0

I'm new to databases and It's been almost a month I'm working with databases (mostly with MongoDB which is a NoSQL database and I'm loving it :D)

What I am wondering is the security risks you take when you do a direct access to database from let's say a native iOS app.

I know a popular way to this is web service though.

Thanks,

Peyman

Peyman
  • 2,999
  • 1
  • 30
  • 62
  • Please see http://stackoverflow.com/questions/21080067/should-i-access-mongodb-directly/21275918 for some more detailed answers. – Simon Pickup Nov 11 '16 at 17:05

2 Answers2

1

I think there're 2 risks obviously:

  1. sql injection.

  2. How to deal with the db password. Just put the plain text in your config or connection strings?

Anderson
  • 2,280
  • 1
  • 24
  • 39
  • Aha that hardcoding password somewhere in the code made me ask this question. I am right now working with Web Service...not sure if it's the best way though. – Peyman Jul 21 '13 at 04:34
1

+1 on password protection or connection strings. Not to mention that your firewall would have to allow every ip through on your database port. People use web services for a reason...in my opinion, don't even consider this an option

tier1
  • 6,083
  • 6
  • 42
  • 74