| Subject | Re: [firebird-support] Create SYSDBA power under a different name and then delete SYSDBA |
|---|---|
| Author | Charles-Henri Balet |
| Post date | 2004-12-16T04:39:05Z |
I'm happy to read your message Namit, it's my solution too, only rename
SYSDBA user for multiply by 100 the security of the database
for 99.99% of users (yes, it's remain software developper that can modify
the source code of firebird for bypass security, it's easy for
me too, but 99.99% of users can't make that) but much are able to only copy
my fdb database to an other firebird server and have access
to all information without write any code line and don't know software
!!!!!! I don't want obtain a 100% access free of my database but
a minimum of security, and now with the actual state of SYSDBA access, we
can't have any little secure protection, try that make that with
Oracle or Sybase or MS Server !!!!!! and say me, I work with this database
too ...
Peraps the separate security database is a good think, but it's difficult to
explain to our client that any that can copy the fdb file can access to all
information of their database, without crack or software modify, only a copy
on a new server, the question of my client : and the encrypted password
that we have giving !!!! for nothing unfortunately, and all this only for a
SYSDBA user definition that we can rename or revoke !
If I can rename SYSDBA user, I can put "grant" access on all my users and
99.99 % can't access my database, it's not perfect, but more better I think
that none security like now !
best regards
balet charles-henri
SYSDBA user for multiply by 100 the security of the database
for 99.99% of users (yes, it's remain software developper that can modify
the source code of firebird for bypass security, it's easy for
me too, but 99.99% of users can't make that) but much are able to only copy
my fdb database to an other firebird server and have access
to all information without write any code line and don't know software
!!!!!! I don't want obtain a 100% access free of my database but
a minimum of security, and now with the actual state of SYSDBA access, we
can't have any little secure protection, try that make that with
Oracle or Sybase or MS Server !!!!!! and say me, I work with this database
too ...
Peraps the separate security database is a good think, but it's difficult to
explain to our client that any that can copy the fdb file can access to all
information of their database, without crack or software modify, only a copy
on a new server, the question of my client : and the encrypted password
that we have giving !!!! for nothing unfortunately, and all this only for a
SYSDBA user definition that we can rename or revoke !
If I can rename SYSDBA user, I can put "grant" access on all my users and
99.99 % can't access my database, it's not perfect, but more better I think
that none security like now !
best regards
balet charles-henri
----- Original Message -----
From: "Namit Nathwani" <namitnathwani@...>
To: <firebird-support@yahoogroups.com>
Sent: Wednesday, December 15, 2004 4:53 PM
Subject: [firebird-support] Create SYSDBA power under a different name and
then delete SYSDBA
>
> Hi all
>
> I would like to create a user as powerful as SYSDBA and then delete the
> SYSDBA so atleast the basic hacking of the database is avoided. I intend
> to create more sophisticated users later.
>
> Please let me know the step to get the results, maybe a script that can be
> run from a command line (read inside another program) to get it done in
> one
> simple step.
>
> Please advise.
>
>
>
> Regards
> Bhavbhuti
> ___________________________________________
> Softwares for Indian Businesses at:
> http://ahmedabad.sancharnet.in/vso_ad1/
> namitbn@...
> ___________________________________________
>
> ----------
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.816 / Virus Database: 554 - Release Date: 14/12/2004
>
>
> [Non-text portions of this message have been removed]
>
>
>
>
>
> Yahoo! Groups Links
>
>
>
>
>
>
>