Subject RE: [ib-support] Firebird Security
Author Thomas Steinmaurer
Hello Ian,

> Hi All,
> I am in the process of tying down the security of a Firebird based
> application we are developing. Currently we have the following
> situation.
>
> 1. Our database is owned by a user other than sysdba.
> 2. There is a role in our database called sysdba to stop sysdba
> access.
> 3. Our isc4.gdb file has been modified in a similar manner to that
> proposed by Ivan Prenosil
> (http://www.volny.cz/iprenosil/interbase/ip_ib_isc4.htm) with a
> number of changes - The log file is removed (to stop user names
> being identified) and the users view is modified so that the
> database owner, not sysdba is the user able to see all users.
>
> Just a few questions.
> 1. Backup. Who is able to backup a database? Any user or only
> specific users?

The database owner used in 1) is able to do a backup, but each
user (except SYSDBA in your case) can do a restore.

> 2. Will this scheme stop users copying the isc4 and our database to
> another machine and getting access to the contents?

No. In the case that someone has physical access to the database, he
can move the database to a new Firebird installation and if he knows
the database owner, he could create that user with a different
password to get full access to your database.

Whether a non-database-owner user has rights on your database objects
depends on the rights you granted on tables, views, ... But he surely
can create new database objects and pump e.g. 3 GB of data into a
newly created table ;-).

Regards,
Thomas Steinmaurer
IB LogManager 2.1 - The Logging/Auditing Tool for InterBase and Firebird
http://www.iblogmanager.com