| Subject | Re: [firebird-support] How to prevent SYSDBA to connect to database |
|---|---|
| Author | Artur Anjos |
| Post date | 2004-02-18T12:24:24Z |
Elmar,
Firebird security is OS based. If you secure your files in the server,
people must know SYSDBA password to access the database with full access.
It's easy for a server to secure the files. Just don't use OS that dont have
any securit, such as W95/98.
Just make sure no one can direct access the files on it. You don't need to
have a SYSDBA user in your OS - it's the engine itself that will access your
files (the user that runs the firebird service in the server is up to you).
Artur
Firebird security is OS based. If you secure your files in the server,
people must know SYSDBA password to access the database with full access.
It's easy for a server to secure the files. Just don't use OS that dont have
any securit, such as W95/98.
Just make sure no one can direct access the files on it. You don't need to
have a SYSDBA user in your OS - it's the engine itself that will access your
files (the user that runs the firebird service in the server is up to you).
Artur
----- Original Message -----
From: "Elmar Haneke" <elmar@...>
To: <firebird-support@yahoogroups.com>
Sent: Wednesday, February 18, 2004 11:48 AM
Subject: Re: [firebird-support] How to prevent SYSDBA to connect to database
>
>
> Artur Anjos schrieb:
>
> > If someone gets direct access to your database file, forget about
security.
> > If you use embedded, you must give direct access to the file to the user
> > that runs the application.
>
> With this assumption one should also forget about blocking SYSDBA out
> of the database. In most installation I wouls assume that SYSDBA is
> the person with direct access to all files on the server. Defining a
> role "sysdba" seems to be an minimal barrier only.
>
> Elmar
>
>
>
>
> Yahoo! Groups Links
>
>
>
>