Subject Re: Embedded server security
Author Adam
--- In, "cedric_maucourt"
<cedric.maucourt1@m...> wrote:
> Hello,
> Is it possible to disable access to an embedded database with the
> SYSDBA account?

I am feeling lazy this morning, so here is a cut and paste from the

2.3. Authentication and security

The security database (namely security.fdb) is not used
in the embedded server and hence is not required. Any
user is able to attach to any database. Since both
the server and the client run in the same address space,
the security becomes just an agreement between both
sides which can be easily compromised.

> Indeed it seems that with the embedded version of Firebird, you don't
> have to specify a password when you connect to the database (no use of
> security.fdb). Only SQL privilegies are checked. I've created a
> database with a specific username/password and I would like to use
> this database with an embedded server. However, with this embedded
> version, the SYSDBA user can always connect to the database and he's
> got all SQL privilegies! It can be a problem for the application I'm
> working on...

Then don't use embedded, that is not the environment it is designed for.