| Subject | RE: [firebird-support] Define users |
|---|---|
| Author | Alfred Thomas |
| Post date | 2004-06-28T14:01:38Z |
Thanks Paul
I am slowly realising what this means. The reason I did not want to change
the SYSDBA password is because for the instances where I didnt care about
security, I didn't want to deploy the security.fdb as well. That's why I let
them connect with SYSDBA/masterkey.
Do you know why the reason why FB was designed like this, and why the
security is not included in each DB?
My problem with this is that should someone get hold of the DB, they can
access it easily with their own security FDB.
Also, when you have multiple DB's on one machine, what happens with
duplicate users on different DB's?
I also don't like the fact that I have to deploy the security.fdb with my
app. What happens if the user should overwrite an
existing security.fdb with a new one?
I am sorry if all these questions sounds dumb, but what is the preferred
method of user management on a FireBird server with multiple databases?
Thanks for your help so far
Regards
Alfred
I am slowly realising what this means. The reason I did not want to change
the SYSDBA password is because for the instances where I didnt care about
security, I didn't want to deploy the security.fdb as well. That's why I let
them connect with SYSDBA/masterkey.
Do you know why the reason why FB was designed like this, and why the
security is not included in each DB?
My problem with this is that should someone get hold of the DB, they can
access it easily with their own security FDB.
Also, when you have multiple DB's on one machine, what happens with
duplicate users on different DB's?
I also don't like the fact that I have to deploy the security.fdb with my
app. What happens if the user should overwrite an
existing security.fdb with a new one?
I am sorry if all these questions sounds dumb, but what is the preferred
method of user management on a FireBird server with multiple databases?
Thanks for your help so far
Regards
Alfred