|Subject||Re: [Firebird-Java] Security Features in Firebird|
> Hello everybody,that's essentially the same with any database. If you can get at the physical
> I am using firebird 2.0. The firebird database is good,
> unfortunately, the database file could be easily copied and be READ
> on another pc/computer without any password protection. It means
files you can do pretty much anything with them.
> that if someone want to read the content of the database, he justHe'd also need a username and password you had set up for the database to do
> need to copy the database file and install firebird 2.0 into his
> computer and then attach the database file into the firebird 2.0 of
> his computer.
anything with it.
>Database security includes securing access to the actual machines on which the
> Is there any way to prevent this ?
server is running.
That can be as simple as shutting down telnet access to those machines,
requiring ssh access instead, and putting a big lock on the door to the
serverroom the key of which is kept in a secure place with a strict accesslist.
Once an intruder makes it onto a machine he can basically do anything with the
data on that machine, Oracle or Firebird doesn't matter anymore at that stage
(and you'd be surprised at the number of even major corporations that have the
default administrator account and password in place on their production Oracle
Security isn't a single layer, it must always be a complete and well thought out
[Non-text portions of this message have been removed]