Hi Balet

At 10:09 am 16/12/2004, you wrote:

>I'm happy to read your message Namit, it's my solution too, only rename
>SYSDBA user for multiply by 100 the security of the database

Is renaming SYSDBA to something else possible?

>for 99.99% of users (yes, it's remain software developper that can modify
>the source code of firebird for bypass security, it's easy for
>me too, but 99.99% of users can't make that) but much are able to only copy
>my fdb database to an other firebird server and have access
>to all information without write any code line and don't know software
>!!!!!!

You mean that passwords are stored in the FB server and not in the
database? So copy database to new machine with a fresh copy of FB server
and you can login the database with SYSDBA and masterkey?

If so the chain is as strong as it's weakest link!

>Peraps the separate security database is a good think, but it's difficult to
>explain to our client that any that can copy the fdb file can access to all
>information of their database, without crack or software modify, only a copy
>on a new server, the question of my client : and the encrypted password
>that we have giving !!!! for nothing unfortunately, and all this only for a
>SYSDBA user definition that we can rename or revoke !

Oh great.

>If I can rename SYSDBA user, I can put "grant" access on all my users and
>99.99 % can't access my database, it's not perfect, but more better I think
>that none security like now !

Agreed.




Regards
Bhavbhuti
___________________________________________
Softwares for Indian Businesses at:
http://ahmedabad.sancharnet.in/vso_ad1/
namitbn@...
___________________________________________

----------



No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.296 / Virus Database: 265.5.4 - Release Date: 15/12/2004


[Non-text portions of this message have been removed]