| Subject | Re: [firebird-support] Avoiding hard-coding db pass in app - without using db users |
|---|---|
| Author | Zd |
| Post date | 2008-11-10T17:08:03Z |
Thanks for the info Anderson.
I didn't think about the backup / shut down stuff. I'll consider creating another user with full rights.
Regards,
Zd
I didn't think about the backup / shut down stuff. I'll consider creating another user with full rights.
Regards,
Zd
----- Original Message -----
From: Anderson Farias
To: firebird-support@yahoogroups.com
Sent: Monday, November 10, 2008 4:55 PM
Subject: Re: [firebird-support] Avoiding hard-coding db pass in app - without using db users
Hi,
>Could you tell me why using the SYSDBA user is a bad idea? I have one central
>database, and I see no reason to create another user with the same rights...
SYSDBA has full rights, to any database on the server, including maintenance stuf like SHUT DOWN and BACKUP (being able to have full database on client using GBAK).
SYSDBA password should be kept secure and only used local for ADMIN stuf.
Create a ROLE on your DB with full access to tables/procs/etc needed and grant it to one or many users used by the app(s).
Regards,
Anderson Farias
[Non-text portions of this message have been removed]
[Non-text portions of this message have been removed]