""garyrhaywood"" <gary@...> wrote in message
news:a6hg75+ootc@......

>
> Claudio I think we are talking the same security hole? That is that=20
> is the ability for any interbase user to copy any (regardless of OS=20
> or Interbase permissions) file so long as the location is known. Why=20
> would such a thing be be allowed and if it was allowed (assuming=20
> someone does have rocks in their head) you should be able to turn it=20
> off.
>
> here's part of an earlier post could this solution be easily=20
> implemented?

This is not a solution but a source of more problems for me. We are going
against the stream here. Classic practically impersonates the client and
acts with the client's rights. SuperServer is a totally independent process.
Integrated security a la MsSql works well when there's a single OS to
mantain. When there are several, you would have to map the security API in
each OS to the engine. It can be done, provided that there're enough
developers that know how to do that in a robust way in all supported
platforms. In the long term, it becomes another layer of dirt to maintain
and troubleshoot. We have enough with the authentication problems at login
time.
What's needed is a setting that effectively restricts the location of
external files and new GRANTS for DDL commands, apart from a couple of
predefined, system roles ("thank you" Borland for not including a system
flag in rdb$roles).

C.
--
Claudio Valderrama C. - http://www.cvalde.com - http://www.firebirdSql.org
Independent developer
Owner of the Interbase® WebRing