| Subject | Re: [firebird-support] Bingo! No real security there. |
|---|---|
| Author | Ann W. Harrison |
| Post date | 2005-04-26T17:09:27Z |
Johan van Zyl wrote:
can use the embedded engine to access any database, but the client
running the application has to have read write permissions to the
database file. With those permissions, the client could do anything -
with or without the embedded engine. The embedded engine can't open a
database that's already open with SuperServer.
For databases where security is important, the database file should be
accessible only by the firebird account or firebird group.
Regards,
Ann
>That's fine and reasonable. The answer to the question is that yes, you
> The FireBird security issue has been reaised many times in the Clarion NG's.
> I came to this forum, where the FIrebird experts hang out, to get some peace
> of mind, and report back to the Clarion community.
can use the embedded engine to access any database, but the client
running the application has to have read write permissions to the
database file. With those permissions, the client could do anything -
with or without the embedded engine. The embedded engine can't open a
database that's already open with SuperServer.
For databases where security is important, the database file should be
accessible only by the firebird account or firebird group.
Regards,
Ann