Subject RE: [firebird-support] Embedded server/database security
Author Alan McDonald
> At 02:37 PM 28/01/2005 +1100, you wrote:
> > > Well, it's only correct if the tool is located in the application
> > > directory.
> >
> >the tool doesn't have to be in the application directory. I use IBExpert
> >with the embedded server as the client library. I can therefore
> connect to
> >any database sitting anywhere locally without a local server
> running) AND
> >remotely to a server.
> This seems to suggest that you are running fbembed.dll (as gds32.dll,
> presumably) in the system path. (I saw you advising someone
> yesterday to do
> this...) Isn't this asking for trouble?

IBExpert provides for you to declare the client lib you want to use. It
could be named anything or reside anywhere you choose.
for my machine? no, this is not an issue


> The security warnings are all there re embedded, considering that it can
> run in any system user's application space. We can't prevent someone
> inserting a tool that can use the embedded server and we'll
> certainly make
> it easier for them if we make access to fbembed.dll wide open. Heck, why
> not just share the application tree with the whole LAN and just let them
> filecopy the lot?

my point exactly. I'm only (slightly) objecting to you trying to convince us
that security is greater than it is. With embedded, the door is wide open.