Subject Embedded, was Re: [Firebird-general] Re: The 2003 LinuxQuestions.org Members Choice Awards have begun
Author Helen Borrie
At 09:21 AM 18/11/2003 +0000, you wrote:
>Hi Helen
>
> > Embedded on Win32 doesn't use the security.fdb file *at all*. It bypasses
> > it. You need the embedded client, firebird.msg, the UDF and language dlls
> > and ib_util.dll. No Registry settings either.
>
>Does this mean that the embedded client ignores all grants in the
>database? This is a huge security hole.

Grants are nothing to do with the security database. However....

>Could you copy a protected
>database (with a sysdba role for example and various users with
>different access rights) to a machine with the embedded server and
>access all the tables?

...that's a good question. There must be some kind of "default user"
implied in an embedded server connection. I don't quite see how you
*could* set up permissions in a database if there's no way for the embedded
server to tell which user is currently logged in.

As for "huge" security hole...doesn't this get back to the biggest security
hole of all - the one in the physical system design? If you don't want
someone to steal a database, don't put it where a thief can get it.

Helen