> Basically, if you opt for the embedded model, the only way to protect
> your database is by setting permissions on the database file.
> If you want to delve deeper into this subject, here's a good paper
> about Firebird security (HTML and PDF versions):
>
> http://www.firebirdsql.org/manual/fbmetasecur.html
> http://www.firebirdsql.org/pdfmanual/Firebird-Security.pdf

Thanks for the link, it's a really good.

In my case, I wish to base the encryption of a key only known by the
user, that way I don't a problem with storing it on the computer.
The application must run on Windows ME, so protecting the file using
the OS is not possible.
I think this gives me two options

1) Encrypt user data when I insert it into the database, and decrypt
it on retrieval. That's not really practical for my use, because I
would have to encrypt a lot of fields.

2) Encrypt the whole database file. Since my database file will be
pretty small, this should be possible. The only problem I see; is that
the decrypted file has to be available somewhere while my application
is running. If the application isn't closed correctly, the decrypted
file is freely available.

Any comments on this? something I missed or misunderstood ;-)