| Subject | AW: [firebird-support] FireBird security, where ? |
|---|---|
| Author | Steffen Heil |
| Post date | 2004-12-14T13:54:06Z |
Hi
This is being discussed about twice a week.
Read the archive.
In short: If you want a secure database, secure the file.
If someone can touch the file, it is inherently insecure.
(This is true for any database I know. And even in theorie, there is nothing
you can do about it, except of encrypting the whole database file, making
access much slower - even then you would need to secure the running database
server process against debuggers, which could get the password easily.
Alltogehter: The server process and the database file NEED to be secured
externally (by the OS).)
Regards,
Steffen
-----Ursprüngliche Nachricht-----
Von: Charles-Henri Balet [mailto:chb-technologies@...]
Gesendet: Dienstag, 14. Dezember 2004 13:34
An: firebird-support@yahoogroups.com
Betreff: [firebird-support] FireBird security, where ?
Wichtigkeit: Hoch
Hello,
I'm want to protect my database for reverse engeenering (stored proc and
table fields definition), after one day of test I think it's not possible,
it's very simple for anything to force the security of interbase and
firebird
sample : you create a database .fdb and you crypt a password for SYSDBA
access of server and ? it's very simple
to acced of this fdb database, you copy the fdb file on
other computer with local firebird server, your login
on SYSDBA with your new password and you access on all
table's and stored proc ??????? you say security !!!!!!
peraps any can help me to a method for protect my stored proc and table
design !!!
many thanks
balet charles-henri
------------------------ Yahoo! Groups Sponsor --------------------~-->
$4.98 domain names from Yahoo!. Register anything.
http://us.click.yahoo.com/Q7_YsB/neXJAA/yQLSAA/67folB/TM
--------------------------------------------------------------------~->
Yahoo! Groups Links
[Non-text portions of this message have been removed]
This is being discussed about twice a week.
Read the archive.
In short: If you want a secure database, secure the file.
If someone can touch the file, it is inherently insecure.
(This is true for any database I know. And even in theorie, there is nothing
you can do about it, except of encrypting the whole database file, making
access much slower - even then you would need to secure the running database
server process against debuggers, which could get the password easily.
Alltogehter: The server process and the database file NEED to be secured
externally (by the OS).)
Regards,
Steffen
-----Ursprüngliche Nachricht-----
Von: Charles-Henri Balet [mailto:chb-technologies@...]
Gesendet: Dienstag, 14. Dezember 2004 13:34
An: firebird-support@yahoogroups.com
Betreff: [firebird-support] FireBird security, where ?
Wichtigkeit: Hoch
Hello,
I'm want to protect my database for reverse engeenering (stored proc and
table fields definition), after one day of test I think it's not possible,
it's very simple for anything to force the security of interbase and
firebird
sample : you create a database .fdb and you crypt a password for SYSDBA
access of server and ? it's very simple
to acced of this fdb database, you copy the fdb file on
other computer with local firebird server, your login
on SYSDBA with your new password and you access on all
table's and stored proc ??????? you say security !!!!!!
peraps any can help me to a method for protect my stored proc and table
design !!!
many thanks
balet charles-henri
------------------------ Yahoo! Groups Sponsor --------------------~-->
$4.98 domain names from Yahoo!. Register anything.
http://us.click.yahoo.com/Q7_YsB/neXJAA/yQLSAA/67folB/TM
--------------------------------------------------------------------~->
Yahoo! Groups Links
[Non-text portions of this message have been removed]