>
>Sure; but if you are a lazy developer and can not be bothered with things
>like installing roles and security privileges in the database, connecting
>to the database won't actually get a non-sysdba access to anything. Still,
>if you are that lazy, you probably wouldn't bother to protect the sysdba
>access either, so anyone in the world could hit your database.

Amen to that. THis isn't a "firebird" problem. It's also not a "sybase" or
"db2"
or "SQL Server" or any other RDBMS problem.

It's a lazy developer problem.

That said, it also depends on the circumstances. I never implement password
/ role
security. Why should I? The particular situation that I am developing for
doesn't require it.

If the users NEED that level of security, I CAN give it to them. But are
they aware of
the work involved? The effort required to maintain user logins etc? If they
are, and
have the infrastructure to do it, I will write it for them.

The other comment I agree with is the comment regarding SQL databases

Wake up and smell the coffee. SQL RDBMSs have been around for YEARS. It's
ANCIENT technology.

And the reason why it is used is because it works very very well. After
having been a dBase /
Paradox developer, I will never go back there after discovering the power
of SQL and RDBMS.

Tim


[Non-text portions of this message have been removed]