Subject Re: [IB-Architect] Fw: Mischievous SYSDBA
Author Steve Tendon
> What threat are you worrying about? Somebody with write access
> can trash your database encrypted or not. Somebody with any
> database access and the same OS privileges as the server can
> recover the key and decrypt the database. Encyrption is only
> a solution if you can protect the key. If you can use the OS
> to protect the key, you can use the OS to protect the file.
> Obscurity is not security. If you can't guarentee key security,
> encryption doesn't buy you anything. Hiding the key on the
> server doesn't work. Giving it to every user to pass on a
> connect doesn't work.

Oh I don't worry about anything... You know, I don't lock the door of my
house.... A very determined housebreaker will get in anyway... and who cares
if neighbour's teenagers get in there as well whenever they want...

But that's me.

Now, for one of the biggest IB VARS with has 10K++ site installations this
is a concern. This is a customer asking. What does IB respond?

The issue is not about the db getting thrashed by unauthorized malevolent

The issue is that highjacked databases are open for inspection, even with
very primitive tools (NotePad...). Can we raise the bar somehow?

This is a problem. What is the solution? Is there a solution? Do we want to
find a solution? or is it too hard?