| Subject | Re: [ib-support] Firebird Deployment (Round 2 - Users) |
|---|---|
| Author | Artur Anjos |
| Post date | 2003-01-09T09:49:59Z |
Marcus:
Some ideas inside your text
Some ideas inside your text
----- Original Message -----
> (Snip)
> 1. If the installation program installs Firebird then the application can
> take control over the username and password. However if the user wants to
> use Firebird for their own development, they wont have to install Firebird
> but they wont be able to use it either. Because I would have setup
Firebird
> on that machine with my own SYSDBA username and password.
Change your application install to ask for, if Firebird is already
installed, the SYSDBA password. With it, create a new user, thaqt will own
your database.
> 2. If Firebird is already installed and the user has their Firebird server
> setup in such a way that none SYSDBA users cannot add users, I'm screwed.
>
No, you're not. You just have to adapt yourself to a service that it's not
'private' to your application.
> Thinking about this I don't think I've chosen the correct database. I
think
> Firebird is more for Client/Server applications, where as I'm after (for
> now) a single client database that is secure. Does anyone else agree?
Im my modest opinion, you choose the rigth database, but a wrong approach to
it. But you just need to change a few things to make it happen.
> I was hoping to use Firebird for this as for the first release of my app
it
> will be a single app deployment. However as the application grows (and I
> hope it will) its possible I will move into the realms of Client/Server. I
> have so far designed it to be as Client/Server friendly as I know how.
Yes, you just failed in the installation approach. Instead of using SYSDBA,
thing about using a predefined user that will own your database. One
friendly approach it's using some kind of prefix to your application to your
users, something like MYP_ARTUR, MYP_MARCUS, MYP_OWNER, etc.
You must check for other workstation related problems also. Imagine that
your users will use Interbase also, even just the client. You don't want to
mess around other configurations.
And yes, you still have security problems related to users can copy the
database to other computer and look at your sp and triggers code. For me
it's not a problem. There are always alternatives. Adapt yourself, and
Firebird'it.
Artur