| Subject | Security |
|---|---|
| Author | Johannes Fourie |
| Post date | 2005-12-02T06:04:28Z |
In the thread "RE: [firebird-support] Modify users" there was a comment made, which made me a little bit concerned. in connection with the Firebird security.
A comment was made that you can just delete the security.fdb, and add your own security file?
If I understand this comment correctly, Does this then mean that there is NO proper security on the Firebird database? I have a couple of clients with sensitive data in the Firebird database, and I gave them a couple of times the assurance that the information in the database is secure. But if it is this the case I lied then to the users.
Am I mis unjderstanding the comment made?
And what additional security measures can I implement to ensure the sysdba password cannot change, so that only I know this information?
The comment was:
"If you can't remember your sysdba password then rename your old security.fdb to
security.fdb.old (stop fb service/processes first) and re-install so you get
a clean copy of security.fdb, or restore from backup."
Thank you
Johan Fourie
-----Original Message-----
From: firebird-support@yahoogroups.com on behalf of Si Carter
Sent: Thu 12/1/2005 5:42 PM
To: firebird-support@yahoogroups.com
Cc:
Subject: RE: [firebird-support] Modify users
can't remember your sysdba password then rename your old security.fdb to
security.fdb.old (stop fb service/processes first) and re-install so you get
a clean copy of security.fdb, or restore from backup.
Hih
Si Carter
http://www.fbtalk.net/ - Web Based Firebird Forum
http://sourceforge.net/projects/fbutils - FBUtils
http://www.tectsoft.net/ - Homepage
------------------------ Yahoo! Groups Sponsor --------------------~-->
1.2 million kids a year are victims of human trafficking. Stop slavery.
http://us.click.yahoo.com/.QUssC/izNLAA/TtwFAA/67folB/TM
--------------------------------------------------------------------~->
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Visit http://firebird.sourceforge.net and click the Resources item
on the main (top) menu. Try Knowledgebase and FAQ links !
Also search the knowledgebases at http://www.ibphoenix.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Yahoo! Groups Links
A comment was made that you can just delete the security.fdb, and add your own security file?
If I understand this comment correctly, Does this then mean that there is NO proper security on the Firebird database? I have a couple of clients with sensitive data in the Firebird database, and I gave them a couple of times the assurance that the information in the database is secure. But if it is this the case I lied then to the users.
Am I mis unjderstanding the comment made?
And what additional security measures can I implement to ensure the sysdba password cannot change, so that only I know this information?
The comment was:
"If you can't remember your sysdba password then rename your old security.fdb to
security.fdb.old (stop fb service/processes first) and re-install so you get
a clean copy of security.fdb, or restore from backup."
Thank you
Johan Fourie
-----Original Message-----
From: firebird-support@yahoogroups.com on behalf of Si Carter
Sent: Thu 12/1/2005 5:42 PM
To: firebird-support@yahoogroups.com
Cc:
Subject: RE: [firebird-support] Modify users
> -----Original Message-----No, you can use the Services API instead.
> Is that the only way?
> Do you get the option to change theNot on windows, couldn't say for nix builds
> default password when you install Firebird?
> Is there a mastermasterkey on windows.
> password for Firebird installs?
>If you log in as SYSDBA, you can change the password for any user. If you
> I have a note of a username/password I used for Firebird a
> few years ago somewhere but it does not seem to work anymore
> and I am not sure what it applies to...
can't remember your sysdba password then rename your old security.fdb to
security.fdb.old (stop fb service/processes first) and re-install so you get
a clean copy of security.fdb, or restore from backup.
Hih
Si Carter
http://www.fbtalk.net/ - Web Based Firebird Forum
http://sourceforge.net/projects/fbutils - FBUtils
http://www.tectsoft.net/ - Homepage
------------------------ Yahoo! Groups Sponsor --------------------~-->
1.2 million kids a year are victims of human trafficking. Stop slavery.
http://us.click.yahoo.com/.QUssC/izNLAA/TtwFAA/67folB/TM
--------------------------------------------------------------------~->
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Visit http://firebird.sourceforge.net and click the Resources item
on the main (top) menu. Try Knowledgebase and FAQ links !
Also search the knowledgebases at http://www.ibphoenix.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Yahoo! Groups Links