Subject Re: [Firebird-Architect] Re: database encryption
Author Alex Peshkoff
On 11/08/10 19:45, Olivier Mascia wrote:
> Roman,
>> I was thinking rather in the direction of statically linking Firebird
>> database engine (not server) in something bigger, and that bigger
>> provides its own means for remote protocol (if any), encrypted storage,
>> key management, tampering detection, etc.
> I like it that way. Which means having hooks such that an application linking the embedded version (would it need to be statically linked in for that matter, not sure) can instruct the fb core to callback the app host for pio (to make it short and simple).

FB3 is supposed to support builtin plugins, including builtin into
application, using embedded engine. Therefore from this POV I see no
problems. What about linking statically - on my mind need in this means
bad design. Why not check any kind of dynamic library checksum instead?

> In other words: do not design for security plugins to fb, but design fb to be a db plugin to an application shell implementing the security. Is that precisely your mind?

I do not see reasons why not support both approaches.