Subject | Re: [firebird-support] More on security |
---|---|
Author | Helen Borrie |
Post date | 2004-11-29T23:03:41Z |
At 10:36 PM 29/11/2004 +0000, you wrote:
>I have read the recent posts on Firebird security. I am referring,
>here, mainly to the client server mode of Firebird and I feel that
>security can basically be circumvented. I hope you will tell me that I
>am wrong (and with some luck, why so).
>
>Suppose I wish to deploy an enterprise archive with JBoss which
>connects to a Firebird datasource. I supply a gdb file with my dist
>(ear file) which contains my tables and more importantly some
>important trigger checks.
>
>I supply this DB with a user role with limited privileges so the user
>cannot modify (or drop) this trigger.
>
>Now I expect the user to download FB from the FB web site and install
>it.
>
>Hey presto, the third party can now set SYSDBA and password to his
>choice, connect to my DB, drop the triggers or whatever.
>
>Most other DBs I work with have a concept of DB owner which goes with
>the DB file(s). By delegating user password security to security.fdb
>hasn't this been circumvented?
>
>I look forward to someone pointing out that I have got the wrong end
>of the stick and I shall go away and live happily ever after ... or
>will I?

On this basis, you won't live happily ever after until Firebird 2. If you
deploy your database to customers you don't trust, then your customers will
find ways to let you down. If you suspect your customers will break the
database that you sold to them, then write it into the contract that you
won't take responsibility for the consequences of tampering. It's your
duty as the vendor to explain exactly what you will guarantee -- this is
not confined to systems that use Firebird.
./hb
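The thread's point is that a trigger shipped inside a database file cannot protect itself once the customer controls the server: whoever owns the SYSDBA password on their own Firebird installation can drop or rewrite it. What the vendor *can* do is treat the catalog as untrusted and detect the tampering from the application side. The following is an added example, not code from this list post or from Firebird; it assumes the rows were read with a query like `SELECT RDB$TRIGGER_NAME, RDB$RELATION_NAME, RDB$TRIGGER_SOURCE, RDB$TRIGGER_INACTIVE FROM RDB$TRIGGERS WHERE RDB$SYSTEM_FLAG = 0` (those are real Firebird system-table columns), but the rows, trigger names and trigger bodies below are constructed inline so the script runs offline. It fingerprints the shipped trigger set and reports how a live catalog deviates from it.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, Iterable, List


@dataclass(frozen=True)
class TriggerRow:
    """One row of the Firebird RDB$TRIGGERS catalog (only the columns we audit)."""
    name: str        # RDB$TRIGGER_NAME (CHAR, so it comes back space-padded)
    relation: str    # RDB$RELATION_NAME
    source: str      # RDB$TRIGGER_SOURCE (the PSQL body)
    inactive: int    # RDB$TRIGGER_INACTIVE: 0 = active, 1 = disabled


def _canon(src: str) -> str:
    """Collapse whitespace so cosmetic reformatting of a body is not reported as tampering."""
    return " ".join(src.split())


def baseline(rows: Iterable[TriggerRow]) -> Dict[str, TriggerRow]:
    """Index catalog rows by trigger name with stripped names and canonical source text."""
    return {
        r.name.strip(): TriggerRow(r.name.strip(), r.relation.strip(), _canon(r.source), r.inactive)
        for r in rows
    }


def fingerprint(rows: Iterable[TriggerRow]) -> str:
    """SHA-256 over the sorted canonical trigger set.

    Compute this at build time from the database you ship and embed the hex
    digest in the application; compare at startup against the live catalog.
    """
    h = hashlib.sha256()
    for name, t in sorted(baseline(rows).items()):
        h.update(f"{name}\x00{t.relation}\x00{t.inactive}\x00{t.source}\n".encode("utf-8"))
    return h.hexdigest()


def audit(expected: Iterable[TriggerRow], actual: Iterable[TriggerRow]) -> Dict[str, List[str]]:
    """Explain how the live catalog deviates from the shipped baseline.

    A bare fingerprint mismatch tells you *that* something changed; this tells
    you *what*, which is what you want in a log line or support ticket.
    """
    exp, act = baseline(expected), baseline(actual)
    findings: Dict[str, List[str]] = {"missing": [], "modified": [], "inactive": [], "unexpected": []}
    for name, t in exp.items():
        live = act.get(name)
        if live is None:
            findings["missing"].append(name)           # trigger was dropped
        elif live.source != t.source or live.relation != t.relation:
            findings["modified"].append(name)          # body or table rewritten
        elif live.inactive and not t.inactive:
            findings["inactive"].append(name)          # ALTER TRIGGER ... INACTIVE
    findings["unexpected"] = sorted(set(act) - set(exp))   # triggers we never shipped
    return findings


# Constructed sample: the trigger set as shipped in the vendor's database file.
SHIPPED = [
    TriggerRow("TR_ORDER_QTY   ", "ORDERS ", "AS BEGIN IF (NEW.QTY <= 0) THEN EXCEPTION E_BAD_QTY; END", 0),
    TriggerRow("TR_ORDER_AUDIT ", "ORDERS ", "AS BEGIN INSERT INTO AUDIT_LOG (ORDER_ID, WHO) VALUES (NEW.ID, CURRENT_USER); END", 0),
    TriggerRow("TR_LICENSE_CAP ", "LICENSE", "AS BEGIN IF (NEW.SEATS > 50) THEN EXCEPTION E_SEAT_CAP; END", 0),
]

# Constructed sample: the same catalog read back from a customer site where one
# trigger was dropped, one was replaced with an empty body and one was disabled
# (the body of the disabled one is only reformatted, which must not count as modified).
TAMPERED = [
    TriggerRow("TR_ORDER_AUDIT ", "ORDERS ", "AS BEGIN END", 0),
    TriggerRow("TR_LICENSE_CAP ", "LICENSE", "AS BEGIN\n  IF (NEW.SEATS > 50) THEN EXCEPTION E_SEAT_CAP;\nEND", 1),
]


if __name__ == "__main__":
    shipped_digest = fingerprint(SHIPPED)
    if fingerprint(TAMPERED) != shipped_digest:
        print("schema fingerprint mismatch:", audit(SHIPPED, TAMPERED))
```

This is detection, not prevention: a customer who controls both the server and the host running the application can patch the check out as easily as they dropped the trigger, which is exactly why the reply above moves the residual risk into the contract. The check is still worth having, because it turns silent tampering into a logged, explainable event.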