> Version 2 will (I expect) have pluggable security - the current
> mechanism and a variety of alternates. 1.5 is too close to release to
> take on this problem
Why not just add new option to firebird.conf
# In place security enhancement,when used only MD5 digest of password is
stored in security database.
#Warning: could cause compatibility problems ! Default (Off) is recommended.
# Type: boolean
MD5Password = 0 [0/1]
server can use MD5 to compute digest from password and store it (or eight
signs if this is the limit) in security database.Checking password would
also be a straightforward solution.
Besides there is a couple of security holes in FB 1.5 RC8 as Adriano dos
Santos Fernandes describes in his email sent to devel list.