| Subject | Re: [ib-support] ISC4 Security |
|---|---|
| Author | Dalton Calford |
| Post date | 2003-04-11T12:23:35Z |
Hi Rod,
Do not give your users their real login names. Use a rotating login
name/password scheme so that the user can never connect to the database
except through your application.
Add a role to the database called SYSDBA (using insert statements) you can not
have a user in a database with the same name as a role.
This prevents SYSDBA from connecting to your database.
Use views and procedures for any data surfaced to your users so that they do
not know your real table names or referential structure.
There are alot of methods to do what you are looking for.
best regards
Dalton
Do not give your users their real login names. Use a rotating login
name/password scheme so that the user can never connect to the database
except through your application.
Add a role to the database called SYSDBA (using insert statements) you can not
have a user in a database with the same name as a role.
This prevents SYSDBA from connecting to your database.
Use views and procedures for any data surfaced to your users so that they do
not know your real table names or referential structure.
There are alot of methods to do what you are looking for.
best regards
Dalton
On April 10, 2003 09:27 am, rodbracher wrote:
> If I change my sysdba password from masterkey on my local server this
> seems rather pointless as if I copy another isc4.gdb from another
> computer ( with sysdba / masterkey ) I can then log on to the local
> server ( with password masterkey )
>
> We have rather sensitive data structures which it seems anyone can
> view by doing this.
>
> Is there a way to a void such a simple password hack ?
>
> Rod
>
>
>
> To unsubscribe from this group, send an email to:
> ib-support-unsubscribe@egroups.com
>
>
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/