| Subject | RE: [firebird-support] Bingo! No real security there. |
|---|---|
| Author | Johan van Zyl |
| Post date | 2005-04-26T19:19:19Z |
Hi
THX!
Your are a scholar and a lady!
JVZ
-----Original Message-----
From: firebird-support@yahoogroups.com
[mailto:firebird-support@yahoogroups.com]On Behalf Of Ann W. Harrison
Sent: 26 April 2005 19:09
To: firebird-support@yahoogroups.com
Subject: Re: [firebird-support] Bingo! No real security there.
Johan van Zyl wrote:
can use the embedded engine to access any database, but the client
running the application has to have read write permissions to the
database file. With those permissions, the client could do anything -
with or without the embedded engine. The embedded engine can't open a
database that's already open with SuperServer.
For databases where security is important, the database file should be
accessible only by the firebird account or firebird group.
Regards,
Ann
----------------------------------------------------------------------------
--
Yahoo! Groups Links
a.. To visit your group on the web, go to:
http://groups.yahoo.com/group/firebird-support/
b.. To unsubscribe from this group, send an email to:
firebird-support-unsubscribe@yahoogroups.com
c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
[Non-text portions of this message have been removed]
THX!
Your are a scholar and a lady!
JVZ
-----Original Message-----
From: firebird-support@yahoogroups.com
[mailto:firebird-support@yahoogroups.com]On Behalf Of Ann W. Harrison
Sent: 26 April 2005 19:09
To: firebird-support@yahoogroups.com
Subject: Re: [firebird-support] Bingo! No real security there.
Johan van Zyl wrote:
>NG's.
> The FireBird security issue has been reaised many times in the Clarion
> I came to this forum, where the FIrebird experts hang out, to get somepeace
> of mind, and report back to the Clarion community.That's fine and reasonable. The answer to the question is that yes, you
can use the embedded engine to access any database, but the client
running the application has to have read write permissions to the
database file. With those permissions, the client could do anything -
with or without the embedded engine. The embedded engine can't open a
database that's already open with SuperServer.
For databases where security is important, the database file should be
accessible only by the firebird account or firebird group.
Regards,
Ann
----------------------------------------------------------------------------
--
Yahoo! Groups Links
a.. To visit your group on the web, go to:
http://groups.yahoo.com/group/firebird-support/
b.. To unsubscribe from this group, send an email to:
firebird-support-unsubscribe@yahoogroups.com
c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
[Non-text portions of this message have been removed]