| Subject | Re: [firebird-support] Avoiding hard-coding db pass in app - without using db users |
|---|---|
| Author | Anderson Farias |
| Post date | 2008-11-10T15:55:22Z |
Hi,
SYSDBA password should be kept secure and only used local for ADMIN stuf.
Create a ROLE on your DB with full access to tables/procs/etc needed and grant it to one or many users used by the app(s).
Regards,
Anderson Farias
[Non-text portions of this message have been removed]
>Could you tell me why using the SYSDBA user is a bad idea? I have one centralSYSDBA has full rights, to any database on the server, including maintenance stuf like SHUT DOWN and BACKUP (being able to have full database on client using GBAK).
>database, and I see no reason to create another user with the same rights...
SYSDBA password should be kept secure and only used local for ADMIN stuf.
Create a ROLE on your DB with full access to tables/procs/etc needed and grant it to one or many users used by the app(s).
Regards,
Anderson Farias
[Non-text portions of this message have been removed]