Subject | Re: More on security |
---|---|
Author | rajsubramani |
Post date | 2004-11-30T10:17:11Z |
> > Hey presto, the third party can now set SYSDBA and password to his
> > choice, connect to my DB, drop the triggers or whatever.
>
> As soon as you give the user physical access to a file he can screw
> things up. If they delete the whole file, the application would not
> work as well, right? So where is the difference to dropping the

No, that's not the case. Most other db's I use (and free ones they are
too), you create the DB as DB owner (with a specific user id and
password). Even system provided users cannot change things such as
triggers (if you forget to change the system user's password, for
instance).

> The DBA of any database installation will always be able to access
> the data. There is no way around that (just like your network
> administrator will always be able to read your emails or the contents
> of any file on your harddisk)

The application ships with a userid and password (role based) that the
Persistence and query engine (such as JBoss) uses to connect to the
DB. This role has limited privileges. Also (in the case of JBoss) one
can encrypt the password for this userid too.
So for example, if I put in a trigger that limits the number of users
depending on the license purchased, this trigger cannot be
circumvented.
If I want to prevent the user from even viewing this trigger with a
SQL tool then, yes, I could encrypt the DB too.
But in the above scenario it caters against most users' attempts to
bypass the application imposed restrictions. Of course no software can
be 100% secure and repel a concerted attack.
But the way Firebird security is at the moment, one can easily remove
the words "concerted" and "attack" from the sentence. Sorry, this is
NOT a flame. I have been using Firebird for the past 5 years and I
think it's the bee's knees. I wish to see it get even better, if
anything.
I read that Version 2 has a new security model. Is there any gumf
available to read on this anywhere?
Cheers
-raj