Validate application to access the database

Tags: application-design, delphi, oracle, role, security

I need some help with an issue, which I will explain.

We have a Delphi application named, for instance, App.exe. We use an Oracle database with our application.

I would like to allow just my App.exe (my valid application that was built by me) and not other App.exe that some other developer created.

At this moment we are signing our App.exe with a public CA.

So, is there any way to tell Oracle to verify the App.exe and allow the connection since it is "official"? Maybe a trigger? Or validating the signed certificate?

Thanks!!

Diego

Best Answer

No matter what safeguards you put in place on the server side, it will always be possible for a client to fake a connection. This is an inherent limitation of the client-server model - the server can only gather information about the client by querying the client, and the client can always be configured to lie.

You cannot completely protect against this without the use of middleware. If you only allow the middleware to connect directly to the database, e.g. by IP blocking, then you can have complete control of what commands can and can't be sent to the database.
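
A sketch of the middleware approach described in the answer, as an added example that is not part of the original answer: clients send a named operation plus arguments, never SQL, and only the middleware holds the database credentials. Here `sqlite3` stands in for Oracle, and the operation names, the `customers` table and the `handle_request` function are assumptions made for illustration.

```python
import sqlite3

# Hypothetical allowlist: operation name -> (parameterized SQL, expected argument types).
ALLOWED_OPS = {
    "get_customer": ("SELECT id, name FROM customers WHERE id = ?", (int,)),
    "rename_customer": ("UPDATE customers SET name = ? WHERE id = ?", (str, int)),
}


class Rejected(Exception):
    """Raised when a client request is malformed or not on the allowlist."""


def make_db():
    """Constructed sample database; sqlite3 stands in for the Oracle back end."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO customers VALUES (?, ?)", [(1, "Alice"), (2, "Bob")])
    db.commit()
    return db


def handle_request(db, request):
    """Middleware entry point. The request is {'op': name, 'args': [...]}."""
    if not isinstance(request, dict):
        raise Rejected("malformed request")
    op = request.get("op")
    args = request.get("args", [])
    # Anything that is not a known operation name is refused, whatever the
    # client binary claims to be.
    if not isinstance(op, str) or op not in ALLOWED_OPS:
        raise Rejected(f"operation not allowed: {op!r}")
    sql, types = ALLOWED_OPS[op]
    if not isinstance(args, list) or len(args) != len(types):
        raise Rejected("wrong number of arguments")
    for value, expected in zip(args, types):
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, bool) or not isinstance(value, expected):
            raise Rejected("argument has wrong type")
    cur = db.execute(sql, args)  # values are bound, never concatenated into SQL
    db.commit()
    return cur.fetchall()


if __name__ == "__main__":
    db = make_db()
    print(handle_request(db, {"op": "get_customer", "args": [1]}))
```

In a real deployment the database listener would accept connections only from the middleware host, so a modified client can do nothing beyond the listed operations.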