At 09:22 PM 15/11/2003 -0300, you wrote:

>Thanks for your spanish and english answers I am strongly thinking in
>Firebird 1.5 RC7 but I am a bit worried about the security point
>
>
> > The security of the database it is a critical point. So it is really
> > important to the data not to be edited out of the system.
>
> >>Then make sure that no-one have physical access to your database
> >>file(s). If anyone gets hold of the file(s), it is not very difficult
> >>to get information out of the database. It is possible to access the
> >>database without having direct access to the files, so this is good
> >>advice anyway. (Svein Erling)
>
>
>So you are saying that although a person that doesn't has the password
>can change the data out of the system if he has access to the server or
>perhaps remotely?

No. But if you expose your server physically and allow someone to copy
your database files, then they can copy the files onto their own server and
access your data using their own SYSDBA password.

>Is the same thing in other database systems?

Yes, don't fool yourself that a determined thief with physical access to
your servers will be deterred by a little thing like encrypted access.

The 1.5 version of Firebird has a lot of extras to make it harder for a
malfaisant to compromise your databases from outside of your firewall. But
"hard" does not mean "impossible". Unless you are an expert on network
security, you will do yourself and your customer a big favour by
recommending that they contract a network security expert to advise them on
wire security - regardless of what RDBMS they choose.

heLen