Subject Re: Security Features in Firebird
Author ferry_new2004
--- In, Jeroen Wenting <jwenting@...> wrote:
> > Hello everybody,
> > I am using firebird 2.0. The firebird database is good,
> > unfortunately, the database file could be easily copied and be READ
> > on another pc/computer without any password protection. It means
> that's essentially the same with any database. If you can get at the
> files you can do pretty much anything with them.
> > that if someone want to read the content of the database, he just
> > need to copy the database file and install firebird 2.0 into his
> > computer and then attach the database file into the firebird 2.0 of
> > his computer.
> >
> He'd also need a username and password you had set up for the
database to do
> anything with it.
> >
> > Is there any way to prevent this ?
> Database security includes securing access to the actual machines on
which the
> server is running.
> That can be as simple as shutting down telnet access to those machines,
> requiring ssh access instead, and putting a big lock on the door to the
> serverroom the key of which is kept in a secure place with a strict
> Once an intruder makes it onto a machine he can basically do
anything with the
> data on that machine, Oracle or Firebird doesn't matter anymore at
that stage
> (and you'd be surprised at the number of even major corporations
that have the
> default administrator account and password in place on their
production Oracle
> databases...).
> Security isn't a single layer, it must always be a complete and well
thought out
> system.
> [Non-text portions of this message have been removed]

Thank you for your good explanation. :)