> Since is it on customers's site, do they have file access to backup

file ?

> (then they can do restore under whichever user they want. Backup

file

> is not password protected).
> Do they have file access to database file or Firebird installation ?
> Then juggling with usernames/passwords is just pointless
> since they can either replace security database, or connect with

embedded

> version that does not check passwords at all, or read encrypted

password

> and crack it using brute force, etc...
>
> Ivan

Correct Ivan, in the end they can do whatever they want with it, but
the software I wrote which uses the DB connects using specific
username/password, so if the change security Db, my software won't
connect anymore.
The problem isn't so much that there are any secrets in my db, it's a
matter of responsability when my system runs badly, because they're
messing arround in the production database. I'm just trying to find a
way that I can limit their privs, but I don't want to limit their
maintenance abilities. Sure they can access a backup file and restore
it on another server, and play with it as much as they want, but not
the DB-file which is used in production.
Could they actually grab the backup file, restore it on another
server, connect as sysdba and add grants for the user I gave them,
and then restore that db back on the production server, and thus have
the extra rights, or is the grant-info also stored in the security
db , which they have to leave alone because of my needed user ?

Thanks,

Dirk Naudts.