--- In firebird-support@yahoogroups.com, "Alan McDonald" <alan@...> wrote:

>
> > Hi,
> >
> > I have a machine installed firebird services. I created a database
> > using the command:
> >
> > CREATE DATABASE 'DEVSVR:d:\mydb.fdb'
> > USER 'SYSDBA' PASSWORD 'ABC123456'
> > PAGE_SIZE 16384
> > DEFAULT CHARACTER SET UNICODE_FSS;
>
> This bit I'm suspicious of - I can't do this unless the password in

correct.

> Can you check this again?
>
> >
> > In gsec I can only connect to it by password "masterkey", instead of
> > mydb.fdb password "ABC123456".
>
> correct.
>
> >
> > gsec -user sysdba -password masterkey d:\mydb.fdb -->pass
> > gsec -user sysdba -password ABC123456 d:\mydb.fdb -->fail
> >
>
> correct
>
> > I believe gsec is connecting in superserver mode, while the same
> > problem happens for embedded mode.
> >
>
> embedded connections bypass all security by design. security is

totally left

> to you an the OS in this mode.
>
> > But on a machine *without* firebird service, when connecting to
> > mydb.fdb in embedded mode, and the password of 'ABC123456' works.
>
> correct because security is bypassed in embedded.
>
> >
> > Since on superserver, the database password 'ABC123456' is bypassed,
> > is this a security glitch?
> >
>
> no

Clarification to Alan's response.

Not all the security is disabled, just the server level security. Your
user will need to be granted the appropriate roles even under
embedded, but yes as you have observed any password is accepted when
connecting to an embedded database. Now would be an opportune time for
you to read the readme file where this and other features and
restrictions are explained.

Adam