| Subject | RE: [firebird-support] How would Firebird prevent users thrasing database |
|---|---|
| Author | Steffen Heil |
| Post date | 2004-04-05T09:41:25Z |
Hi
the database won't actually get a non-sysdba access to anything. Still, if
you are that lazy, you probably wouldn't bother to protect the sysdba access
either, so anyone in the world could hit your database.
The original poster seemed to be interested in "encryping" the database
itself. The only purpose for this is to secure the databasefile by itself.
At this point there is absolutely nothing in firebird you can do against.
All you need to do is reinstall the server software, recreating the default
password meanwhile.
IMO this is absolutly okay, since secure databases should be placed on
secure servers in the first place. No daemon should (or even can) be secure
by itself.
Regards,
Steffen
> Sure; but if you are a lazy developer and can not be bothered with thingslike installing roles and security privileges in the database, connecting to
the database won't actually get a non-sysdba access to anything. Still, if
you are that lazy, you probably wouldn't bother to protect the sysdba access
either, so anyone in the world could hit your database.
The original poster seemed to be interested in "encryping" the database
itself. The only purpose for this is to secure the databasefile by itself.
At this point there is absolutely nothing in firebird you can do against.
All you need to do is reinstall the server software, recreating the default
password meanwhile.
IMO this is absolutly okay, since secure databases should be placed on
secure servers in the first place. No daemon should (or even can) be secure
by itself.
Regards,
Steffen