>
>Problem: gbak will need the key (or whatever) to access the restriction
>portion of the database. Unless we can come up with something tricky,
>this means giving the key to the system administrator, who is the one
>we're trying to protect the data from.

I don't think gback would necessarily be needed in an embedded application.
Couldn't you just copy gdb the file?

>Does this mean that the protection mechanism must work through
>sanctioned program using these interfaces? Defining something
>that is accessible through ODBC is quite a different beast than
>something limited to the native API.

Sooner or later everything has to go through the native API doesn't it? I
am afraid I am very ignorant in this regard. I just assumed that the ODBC
drivers would use the native API.


:wq
Tim Uckun
Due Diligence Inc. http://www.diligence.com/ Americas Background
Investigation Expert.
If your company isn't doing background checks, maybe you haven't considered
the risks of a bad hire.