| Subject | Re: [firebird-support] Re: additional firebird security to marry a database to a server |
|---|---|
| Author | S. Govindkrishna |
| Post date | 2005-11-14T12:28:04Z |
>From : Adam <s3057043@...>I think this is a good answer when it comes to server type applications. But when you are talking of embedded we must compare to Access and not to other RDMSes
>To : firebird-support@yahoogroups.com
>Date : 14/11/2005 2:27:26 PM
>Subject : [firebird-support] Re: additional firebird security to marry a database to a server
>
>
>How pointless. Firebird is Open Source. Even if you do whatever you
>want to do, I can access the tables on a RAW level because I can
>download the sources and write my own I/O interaction. Encrypting is
>useless unless you can somehow control the key, but if you can't even
>control file system permissions, what chance is there of that.
>
>I don't mean to sound unfair, but the security relies on the malicious
>user not getting file access to the fdb file (just like other
>databases btw). If you can't guarantee that, then there is little
>hope. Just in case you were wondering, NO-ONE (except the user
>Firebird is installed as) requires ANY access at all to the fdb file.
>So disallow it.
>
>Adam
Here the problem is users who are not very computer savvy may be using it and sharing the drive and not realising the implications.
Access does give you the option to secure your database.
gk