Hi Scott,

A really big thanks for this more than complete answer; I'll be
trying the 'firebird' user for starting the server (of course, I'm
not using NT.. : )), and surely look the kewl project!

Txs again!
ale_pira

--- In ib-support@y..., Scott Taylor <scott@d...> wrote:
>
> I've been looking for FB/IB issues for over a year and only thing I
can
> ever come up with is a backdoor that was in Interbase prior to
> Firebird. So make sure you have the latest version.
>
> I have not seen and FB/IB security groups, not to say one doesn't
exist.
>
> The worse security issues, that I can see, is plain text passwords
that get
> sent over the net to port 3050, and that Firebird runs as root, by
default.
>
> Firebird Super Server comes with a script that will add the
user "firebird"
> and set all the permissions to the new user. Very advisable to do,
though
> I don't know if it works the same on NT, then again, (some might
disagree)
> I would never use NT for something I wanted secure either. ;)
>
> Hans pointed out this kewl project:
> http://sourceforge.net/projects/zebedee/
> which will allow you to create a secure tunnel between client and
server by
> encrypting and compressing your data stream. The compression is
gravy as
> it'll just speed up the flow.
>
> That's about all I can offer, right now, other than a link to
> http://ibphoenix.com/ and http://firebird.sourceforge.net/
>
> Don't be afraid to ask your security questions here though, even if
they
> all just seem like a bunch of code warriors. ;)
>
> Good luck.
>
> Scott.