You can make a small script that will change the password just after you
finish installing Firebird. The passwords don't need to be there, you
just need to be in SYSDBA.password (I'm not to sure about this, but I
think this one - in SYSDBA.password - is a random password that install
creates and you just use to connect the first time and change it).

For the service file, you don't need it there. It's just an example. You
just need to be an user with suficient rigths to start/stop the service.

So, even there, you can just ignore them, because it's quite sure that
they will be changed.

Just remember that your application couldn't be the only one that uses
Firebird, and you must (should) provide the SYSDBA password to your client.

Artur

scott_buckham@... wrote:

> We have a product that we wish to distribute on a linux server running
> firebird 1.5.x . Is there anyway to protect the passwords? When looking at the
> installation scripts I noticed that the password is stores in plain text in 2
> places:
>
> 1) SYSDBA.password
> 2) the firebird service file
>
> We have taken great care to attempt to secure our database structure. This
> would obviously make those attempts worthless.
>
> Any advice would be appreciated.
>
> Thanks in advance,
>
> Scott Buckham
>
> Software Engineer
> AFJ Software Pty Ltd