| Subject | Re: [firebird-support] Security |
|---|---|
| Author | Tim |
| Post date | 2005-12-02T06:29:56Z |
No database, in that case, is secure. You can - and I have - open
MSSQL Server DAT files with Notepad and view the raw data. You can
write an app to extract that data if you so require.
Security of the kind you speak of is inherent in the system, not in
the Database. In other words, you can and should restrict access to
the directories in which the data resides. *nix systems do this much
better than windows systems do; but with Windows 2000 and XP systems,
you can restrict or prevent access to directories to certain user
groups - the administrative tools (security policies) handle this.
With particularly sensitive data - like credit card numbers - what
you can do is encrypt them before they go in to the database, and
decrypt them when they come out. This means that even if someone does
- through whatever means - access the data, they cannot immediately read it.
It is important to understand that there is no such thing as a
foolproof system. There are only ways of making it harder for people
to get at the data.
Hope this helps
Tim
At 08:04 02/12/2005, you wrote:
MSSQL Server DAT files with Notepad and view the raw data. You can
write an app to extract that data if you so require.
Security of the kind you speak of is inherent in the system, not in
the Database. In other words, you can and should restrict access to
the directories in which the data resides. *nix systems do this much
better than windows systems do; but with Windows 2000 and XP systems,
you can restrict or prevent access to directories to certain user
groups - the administrative tools (security policies) handle this.
With particularly sensitive data - like credit card numbers - what
you can do is encrypt them before they go in to the database, and
decrypt them when they come out. This means that even if someone does
- through whatever means - access the data, they cannot immediately read it.
It is important to understand that there is no such thing as a
foolproof system. There are only ways of making it harder for people
to get at the data.
Hope this helps
Tim
At 08:04 02/12/2005, you wrote:
>In the thread "RE: [firebird-support] Modify users" there was a[Non-text portions of this message have been removed]
>comment made, which made me a little bit concerned. in connection
>with the Firebird security.
>
>A comment was made that you can just delete the security.fdb, and
>add your own security file?
>If I understand this comment correctly, Does this then mean that
>there is NO proper security on the Firebird database? I have a
>couple of clients with sensitive data in the Firebird database, and
>I gave them a couple of times the assurance that the information in
>the database is secure. But if it is this the case I lied then to the users.
>
>Am I mis unjderstanding the comment made?
>And what additional security measures can I implement to ensure the
>sysdba password cannot change, so that only I know this information?
>
>The comment was:
>"If you can't remember your sysdba password then rename your old
>security.fdb to
>security.fdb.old (stop fb service/processes first) and re-install so you get
>a clean copy of security.fdb, or restore from backup."
>
>Thank you
>Johan Fourie
>
>-----Original Message-----
>From: firebird-support@yahoogroups.com on behalf of Si Carter
>Sent: Thu 12/1/2005 5:42 PM
>To: firebird-support@yahoogroups.com
>Cc:
>Subject: RE: [firebird-support] Modify users
>
>
>
> > -----Original Message-----
> > Is that the only way?
>
> No, you can use the Services API instead.
>
> > Do you get the option to change the
> > default password when you install Firebird?
>
> Not on windows, couldn't say for nix builds
>
> > Is there a master
> > password for Firebird installs?
>
> masterkey on windows.
>
> >
> > I have a note of a username/password I used for Firebird a
> > few years ago somewhere but it does not seem to work anymore
> > and I am not sure what it applies to...
>
> If you log in as SYSDBA, you can change the password for any
> user. If you
> can't remember your sysdba password then rename your old
> security.fdb to
> security.fdb.old (stop fb service/processes first) and
> re-install so you get
> a clean copy of security.fdb, or restore from backup.
>
> Hih
>
> Si Carter
> <http://www.fbtalk.net/>http://www.fbtalk.net/ - Web Based
> Firebird Forum
>
><http://sourceforge.net/projects/fbutils>http://sourceforge.net/projects/fbutils
>- FBUtils
> <http://www.tectsoft.net/>http://www.tectsoft.net/ - Homepage
>
>
>
> ------------------------ Yahoo! Groups Sponsor
>
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
> Visit
> <http://firebird.sourceforge.net>http://firebird.sourceforge.net
> and click the Resources item
> on the main (top) menu. Try Knowledgebase and FAQ links !
>
> Also search the knowledgebases at
> <http://www.ibphoenix.com>http://www.ibphoenix.com
>
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
> Yahoo! Groups Links
>
>
>
>
>
>
>
>
>
>
>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
>Visit
><http://firebird.sourceforge.net>http://firebird.sourceforge.net and
>click the Resources item
>on the main (top) menu. Try Knowledgebase and FAQ links !
>
>Also search the knowledgebases at
><http://www.ibphoenix.com>http://www.ibphoenix.com
>
>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
>
>
>
>----------
>YAHOO! GROUPS LINKS
>
> * Visit your group
> "<http://groups.yahoo.com/group/firebird-support>firebird-support" on the web.
> *
> * To unsubscribe from this group, send an email to:
> *
> <mailto:firebird-support-unsubscribe@yahoogroups.com?subject=Unsubscribe>firebird-support-unsubscribe@yahoogroups.com
>
> *
> * Your use of Yahoo! Groups is subject to the
> <http://docs.yahoo.com/info/terms/>Yahoo! Terms of Service.
>
>
>----------