Subject RE: [firebird-support] Firebird newbie Security.
Author Alan McDonald
> I am working with the embedded version of Firebird and I would like
> to password protect my database. I set a username and password when
> I created the database (using the .net data provider). It all
> worked great, I had to have the correct username and password in the
> connect string to gain access to the database. The problem comes in
> when I think about distributing the database. I copied the database
> to another PC with a regular install of Firebird 1.5 and all I had
> to do was to specify the SYSDBA and masterkey for username and
> password and I had full access to the entire database. How can I
> stop this from happening. I only want people who know the username
> and password I setup to be able to gain access, or for them to have
> access thru my application where I have my username and password
> specified. Any and all ideas appreciated.
> Thanks
> Jay

with the embedded server, you can supply username and password for
connection but it means nothing since there is no security database running.
You can only use role to define/restrict access to certain db objects.
Total security in this model (embedded) is only achieved via normal OS