Hi,

> But how can I refuse access to the database file when the client app needs
> to have access to it and the user running the app can open the directory

Only the server process (ibserver.exe) needs access to the file. The
client-app
doesn't access the file - it only tells the server where to find it.

And why should the user that's running the app open the directory? He has no
business being in there - either via a local drive of via a mapped drive...

Martijn Tonies
InterBase Workbench - the developer tool for InterBase and Firebird
http://www.interbaseworkbench.com

Upscene Productions
http://www.upscene.com

"This is an object-oriented system.
If we change anything, the users object."

> too.
> Ales
>
> >
> > Hi,
> >
> > > I am a little concerned -surely due to my ignorance
> > - regarding
> > > Interbase and the security. As it is possible that it can
> > substitute the
> > > file isc4.gdb with one own?
> >
> > Yes.
> >
> > >As it is possible to copy the file gdb in
> > > another place -knowing the password of the destination
> > server - and to
> > > have total access to the data?
> >
> > Yes.
> >
> > >Does some arrangement exist for this
> > > problem? Could they illuminate my ignorance helping me a little with
> > > this topic? Any suggestion will be very seen, since I am
> > very according
> > > with Interbase, in spite of the mentioned problem.
> >
> > Simply refusing (physical) access to the server, to the
> > isc4.gdb and to
> > your database file should help a lot.
> >
> > Martijn Tonies
> > InterBase Workbench - the developer tool for InterBase and Firebird
> > http://www.interbaseworkbench.com
> >
> > Upscene Productions
> > http://www.upscene.com
> >
> > "This is an object-oriented system.
> > If we change anything, the users object."