| Subject | Suggestion for Interbase/Firebird security |
|---|---|
| Author | Rusmin Noer |
| Post date | 2003-01-09T19:21:25Z |
Hi,
Since Interbase/Firebird have no security
on opening the database.
I mean everybody can open it with a SYSDBA password.
I have a solution's suggestion.
Let made 2 user and password files.
The first one, like the old one store in the ISC4.GDB.
The second one, put inside the user created database.
So, if a user create a new database
with JOHNDOE username and LOVEUS password
then it will have
JOHNDOE username and LOVEUS password
in the ISC4.GDB and also inside the new created database
(exp:NEW_GDB)
After that,
if another guy use SYSDBA to open the NEW_GDB,
the database-engine will check if SYSDBA exists in the
NEWGDB internal user/password files,
if not -> he will be rejected.
Simple isn't it?
Any comment on my solutions.
Regards,
Rusmin Noer
Since Interbase/Firebird have no security
on opening the database.
I mean everybody can open it with a SYSDBA password.
I have a solution's suggestion.
Let made 2 user and password files.
The first one, like the old one store in the ISC4.GDB.
The second one, put inside the user created database.
So, if a user create a new database
with JOHNDOE username and LOVEUS password
then it will have
JOHNDOE username and LOVEUS password
in the ISC4.GDB and also inside the new created database
(exp:NEW_GDB)
After that,
if another guy use SYSDBA to open the NEW_GDB,
the database-engine will check if SYSDBA exists in the
NEWGDB internal user/password files,
if not -> he will be rejected.
Simple isn't it?
Any comment on my solutions.
Regards,
Rusmin Noer