Subject Re: Is Firebird too weak for a business environment?
Author Kevin Herrmann
We use these API calls when our program first runs. Unsure if that's early
enough for you but it works well. We call the 'modify' one below to change
sysdba password and the 'create' to add user(s) on first run. Works well.

ISC_STATUS isc_add_user(ISC_STATUS *status, USER_SEC_DATA * user_sec_data)
ISC_STATUS isc_modify_user( ISC_STATUS *status, USER_SEC_DATA *user_sec_data)
ISC_STATUS isc_delete_user( ISC_STATUS *status, USER_SEC_DATA *user_sec_data)

I have a Delphi unit (source unknown) but would be happy to provide it.
BUT, I think I might have seen on this list that these functions are
deprecated.


>
> Agree on your point.
> I have deployed an application to more than 10 clients. Each with FB embedded
> created with different db owner and this owner_id is what the application use
> to login and only known to the app. login layer.
> So, even if someone can access the file, he/she doesn't know the owner_id to
> login.
> But he/she can use the sysdba user_id to login.
> Can we do something about the sysdba during db creation time?
>
> Thanks.
> cm
>
> Alan McDonald <alan@...> wrote:
>
> how secure do you want it to be? it's specifically designed to allow local
> access only to a local file? a foreign server can't get access to it, nor
> can another user on another machine AFAIK.
>
> Alan


=====
Kevin Herrmann