| Subject | Re: [IB-Architect] Re: Nailing down the external file problem. |
|---|---|
| Author | Dmitry Yemanov |
| Post date | 2001-01-09T08:47:38Z |
Hi,
and I don't want customers to have full access to the database. All
administration tasks are performed through the software with the hard-coded
SYSDBA password or somehow else (for example, by engineers of our company).
But I cannot guarantee that there's no low-level changes made by the
customer in the database, because of an ability of isc4.gdb to be
potentially replaced. Maybe this example isn't the best one, but I hope
you'll take the point.
Best regards,
Dmitry
> > The security database is probably not a good place to put things. ItCannot agree. Let us suppose I have a completely pre-configured solution
> is a well
> > known weakness that a user who has access to the server in some way
> can replace
> > the security database with one of their own.
>
> This weakness must be addressed anyway. I hadn't thought about it
> much: is the problem in the OS or Interbase (I know it exists on the
> baby Windows and Novell systems)? I hadn't thought it a problem on a
> properly configured secure system like NT or Unix.
and I don't want customers to have full access to the database. All
administration tasks are performed through the software with the hard-coded
SYSDBA password or somehow else (for example, by engineers of our company).
But I cannot guarantee that there's no low-level changes made by the
customer in the database, because of an ability of isc4.gdb to be
potentially replaced. Maybe this example isn't the best one, but I hope
you'll take the point.
Best regards,
Dmitry