Admin
Never gets old!
Admin
In looking over this again, I have to rescind my previous statement and agree with both of you. Giving an end user direct write/delete access to a production database is just asking for trouble in almost all cases.
Admin
:facepalm: :facepalm::facepalm:
Admin
Yes, TRWTF is at the end "And so, Joep moved on to his next job." Not "And so, Anna moved on to her next job." Always assume the users will blunder and/or experiment and/or be malicious. It's so simple to give users a read-only account.
Admin
So does pgsql for postgres where you have to explicitly start with a 'BEGIN;' to initiate a transaction....
It is the one thing I would like changed in postgres as you may forget setting AutoCommit to false when doing db stuff in your application....
Fortunately it only executes the command when it sees the ';' at the end, so doing this:
UPDATE users SET active = false WHERE id = 64;
Actually only affects the record with id 64
Admin
There's always tomorrow.
Admin
@PleegWat @Yazeran
So we're talking about slightly different things. The 'BEGIN' in PGSQL is similar to 'BEGIN TRAN' in MS SQL Server. This will then wait for a commit/rollback and it will keep the table locked. If you do specify BEGIN TRAN in SQL Server you will have to hit commit/rollback. However unlike Oracle you do not have to hit commit at any time. It's no driver option, no DB option, no server option; sql server simply will commit transactions unless you use BEGIN TRAN. This is how it's different from Oracle.
Admin
I'll be sure to report :smiley:
The disaster scenarios are comparatively minor to the cumulative benefit (headaches averted) of him having powerful tools.
Admin
Yes, but someone at that customer needs to have the DML rights available to them (since they're not just doing reporting) and if it is a relatively small firm, that person might well be Joep. Who sounds like the sterling sort of guy who can't resist elevating permissions for his normal operating environment.
No matter what you do, you can't protect against stubbornly malicious incompetence by authorised users.
Admin
I'm assuming it was used in conjunction with find?
Admin
"Joep moved onto his next job"
What as? Toilet attendant?
Admin
TRWTF is Anna doesn't have a clue about database permissions and Admins either. Joep is just the unlucky guy who spotted it.
Admin
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." -- Rick Cook
Admin
No boom today. Boom tomorrow. There's always a boom tomorrow.
What?
Look, somebody's got to have some damn perspective around here! Boom.
Sooner or later. BOOM!
Admin
I regret that I have but one Like to give you.
Admin
Yes. Production databases.
Admin
What. The. Fucking. Fuck. Did. I. Just. Watch?
Admin
hopefully not that, at least not while at work.
Unless you work in that industry, in which case :jelly:
Admin
I usually use :custard: to represent that.
Admin
ah. i had noticed that, just couldn't remember off the top of my head what the name for it was.
Admin
Yea, know what you mean.
There were a lot of good 'one liners' in that series (especially for the female characters).
My favourite still is:
'Only one human captain has ever survived battle with the Minbari fleet. He is behind me. You are in front of me. If you value your lives, be somewhere else!'
Admin
Alice's brother? https://www.youtube.com/watch?v=zw08Py5nz1w
Admin
Come on, never ever teach someone a bit of SQL, that's just asking for trouble. A bit of knowledge is extremely dangerous.
Admin
As a DBA, I agree. The fail is on the DBA's part here. Joep should never have been given update/insert/delete permissions in the DB. It should have been straight up read-only. He could have created temp tables to manipulate if he needed more flexibility.
As for the backup issues. I'm assuming they are not in Full recovery mode if they lost 1000+ customers' data. If they were they would have been able to do a point in time restore right up until the moment of Joep's mistake.
Look, I know DBAs get a bad rep because we say "no" a lot. We also tend to get blamed for things that often aren't the database's problem, i.e. devs accidentally spawn an extra 20k+ connections to the db above the usual and performance slows. That being said, however, our primary concern is protecting the data. These DBAs utterly failed in that regard and should be terminated.
Admin
Sure, because :small_yellow_volcano: seems just like :jelly:.
Admin
Have you never had flan? You poor bastard.
Admin
https://www.youtube.com/watch?v=9sEI1AUFJKw
Admin
Not only Dutch.
http://www.encyklopedia-solidarnosci.pl/wiki/index.php?title=Jan_Maria_Rokita
Looks like now he's using a male name "Władysław" as his middle name. Wonder why? :wtf:
BTW, in Polish there is also the name "Marian", which although being similar to "Marianne", is a male name.
Admin
Why not her sister? You sexist ***!
Admin
You can. The simplest solutions are to not allow DML to end users on production DBs and institute backups with full logging. But... https://suneethasdiary.wordpress.com/tag/disabling-auto-commit-mode-in-sql-server-management-studio/
"Disabling Autocommit mode in SSMS
By default as we know SSMS (SQL Server Management Studio) is in an Autocommit mode, which means whenever a transaction is executed then that is committed by default. If we want to disable Auto commit mode in SSMS, then follow below steps:
Connect to SQL Server using SSMS
From the Menu bar, select Tools –> Options
Select Query Execution –> SQL Server –> ANSI
Make sure that you check the check box SET IMPLICIT_TRANSACTIONS
Click on OK"
This tends to lock tables. I have my SSMS set up with a begin + rollback on every new query window. It's no defense against mouse errors and an ID-TEN-T user but that's a data security issue. Sample:
BEGIN TRAN
ROLLBACK
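The two safeguards discussed in this thread (a read-only account for ad hoc queries, and an explicit transaction around any manual change) look like this in T-SQL. This is an added example, not part of any post above; the login `report_login`, the user `report_user`, and the `dbo.users` table with a bit column `active` are assumed names.

```sql
-- Added example (T-SQL). All object names are hypothetical.

-- 1. Ad hoc / reporting account: SELECT only.
--    Assumes the server login report_login already exists.
CREATE USER report_user FOR LOGIN report_login;
ALTER ROLE db_datareader ADD MEMBER report_user;
-- An explicit DENY overrides any DML permission later granted
-- through another role the user is added to.
DENY INSERT, UPDATE, DELETE ON SCHEMA::dbo TO report_user;
GO

-- 2. Manual change by an account that does hold DML rights:
--    open the transaction first and commit only if the statement
--    touched exactly the number of rows that was intended.
SET XACT_ABORT ON;   -- a run-time error rolls the whole transaction back
BEGIN TRAN;

UPDATE dbo.users
SET    active = 0
WHERE  id = 64;

-- Capture the count at once; later statements reset @@ROWCOUNT.
DECLARE @rows int = @@ROWCOUNT;

IF @rows = 1
    COMMIT TRAN;
ELSE
BEGIN
    -- A missing or truncated WHERE clause shows up here as a large
    -- count, and nothing has been made permanent yet.
    ROLLBACK TRAN;
    RAISERROR('Expected 1 row, statement affected %d; rolled back.', 16, 1, @rows);
END
GO
```

While the transaction is open the updated rows stay locked, so the check and the commit or rollback should follow the statement immediately.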
Admin
The goddamned bitch set him up, though.
Filed Under: The original crack mayor
Admin
Don't steal my schtick.
Besides, it's obviously buttery mashed potatoes with gravy.
Admin
In the shape of Devil's Tower?
Admin
Sure why not. If you're blind and stupid. Which you are.
Admin
Ah, someone who hasn't seen Close Encounters of the Third Kind, yet feels qualified to insult others. Have a :fa_flag_checkered: for :whoosh:.
Admin
What makes you think I haven't seen it? I'm just saying you're blind and stupid.
Admin
Aww, feeling cranky because you had to abandon a couple of threads instead of admitting to being wrong?
Admin
Ahhhh, a logic and riposte so reminiscent of my pre-teen days
Admin
It's just incredible that a customers table has no foreign keys referencing it. Fire the DBA!
Admin
You're assuming they even had a DBA. Or that Joep wasn't the DBA.
Admin
This forum software has no FKs ...
Admin
A forum software doesn't need them. But most of the business apps do, if data integrity is important.
Admin
Data integrity is important. But terribly inconvenient. Users (especially of the “senior, budget-holding” kind) want it, but don't want to do anything to make it possible.
Yes, they are capable of believing 37 mutually inconsistent things before breakfast. Why do you ask?
Admin
-_-
yes they bloody well do!
and a couple of indexes wouldn't go amiss either!
Admin
Makes sense, the dev team obviously don't give a FK about the quality of the software.
Admin
Would you say that FKs are :sunglasses: foreign to them?
Admin
Why (in every one of these stories) is the user not signed into the DB with an account that has read only access???
Heck, that is what I sign in with, unless I am deliberately going to modify data [and then switch back to ROA as soon as that is done]
Admin
LED! The past tense of "lead" is "led!" Why is that concept so hard to grasp? Reading a present-tense verb where a past-tense verb belongs is like tripping over a throw rug. It isn't the end of the world, but it's as annoying as fuck.