Subject Re: Bingo! No real security there.
Author Adam
Post date 2005-04-26T00:12:30Z
Please read the article written by Geoff Worboys.

http://firebird.sourceforge.net/index.php?
op=doc&sub=contrib&id=fb_meta_security

If you give access to the fdb file, you have no right to whinge that
you can circumvent the security. This is not unique to Firebird. Even
if you do encrypt the tables etc, you still have the problem of
storing the private key. (I hope you didn't intend to hard code it in
the application). You often do not need to give untrusted users
access to the fdb file. No client application NEEDS access to that
file, just the server process. You can use third party products such
as Zebedee to encrypt data across the wire.

Adam

--- In firebird-support@yahoogroups.com, "Johan van Zyl" <johan@j...>
wrote:
> Hi Johan van Zyl,
>
> It is really a problem!
>
> I had written an application in Firebird, a huge one. But... I am
> reluctant to release it. It should at least allow me to encrypt the
> structure of some of my tables, if the argument is that SQL is to
allow
> open access to my tables.
>
> I learnt my ERP programming through reading and understanding the
tables
> of a very good program written by a group of very good programmers.
> And... I can tell you it makes a world of difference. It had save
me
> years of headaches, you will know what you have in hand when you
got it!
>
> I am still waiting for the encryption.
>
> Thanks.
>
> Kelvin Chua
> SINGAPORE
> -----Original Message-----
> From: firebird-support@yahoogroups.com
> [mailto:firebird-support@yahoogroups.com]On Behalf Of Johan van Zyl
> Sent: 25 April 2005 23:55
> To: firebird-support@yahoogroups.com
> Subject: RE: [firebird-support] Bingo! No real security there.
>
>
> ?
>
> Just to make it clear - I am a HUGE Firebird fan!
> I just need answers to questions my customers may ask.
> Cheers
> JVZ
> -----Original Message-----
> From: firebird-support@yahoogroups.com
> [mailto:firebird-support@yahoogroups.com]On Behalf Of Clay Shannon
> Sent: 25 April 2005 23:47
> To: firebird-support@yahoogroups.com
> Subject: RE: [firebird-support] Bingo! No real security there.
>
>
> <subject>
>
> Yes, those sneaky priests and nuns can look over your shoulder
and see
> your
> card.
>
> Clay Shannon,
> Dimension 4 Software
>
>
>
> ------------------------------------------------------------------
--------
> --
> --
> Yahoo! Groups Links
>
> a.. To visit your group on the web, go to:
> http://groups.yahoo.com/group/firebird-support/
>
> b.. To unsubscribe from this group, send an email to:
> firebird-support-unsubscribe@yahoogroups.com
>
> c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms
of
> Service.
>
>
> ----------
>
> No virus found in this outgoing message.
> Checked by AVG Anti-Virus.
> Version: 7.0.308 / Virus Database: 266.10.2 - Release Date:
21/04/2005
>
>
> [Non-text portions of this message have been removed]
>
>
>
> --------------------------------------------------------------------
--------
> --
> Yahoo! Groups Links
>
> a.. To visit your group on the web, go to:
> http://groups.yahoo.com/group/firebird-support/
>
> b.. To unsubscribe from this group, send an email to:
> firebird-support-unsubscribe@yahoogroups.com
>
> c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of
Service.
>
>
> ----------
>
> No virus found in this outgoing message.
> Checked by AVG Anti-Virus.
> Version: 7.0.308 / Virus Database: 266.10.2 - Release Date:
21/04/2005
>
>
> [Non-text portions of this message have been removed]