Subject | Re: [firebird-support] Guys! I got it! - Re: Avoiding hard-coding db pass in app - without using db users |
---|---|
Author | Steve Wiser |
Post date | 2008-11-10T18:41:29Z |
The SECURE user doesn't have access to the table, it can only execute
the procedure. The procedure has access to the table. I think it
sounds good -- I just wouldn't allow them to connect as SYSDBA, I would
create a different user and grant rights to that.
-steve
Anderson Farias wrote:
> Hi,
>
>
>> And the password sent over the network should be well protected by an SSL
>> tunnel...
>>
>
> Yes, but... what if the 'hacker' connects with this SECURE user, queries the
> password_proc and gets sysdba pass?
>
>
> Regards,
> Anderson Farias
Specialized Business Software attempts to sweep harmful content (e.g. viruses) from e-mail and attachments, however we cannot guarantee their safety and can accept no liability for any resulting damage. The recipient is responsible to verify the safety of this message and any attachments before accepting them.
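
The privilege layout discussed in this message, written out as Firebird SQL. This is an added example, not code from the thread: the names APP_SECRET, ORDERS and APP_USER are hypothetical, and the SECURE and APP_USER accounts are assumed to exist already in the security database.

```sql
-- Added example; object names other than SECURE and PASSWORD_PROC are hypothetical.
-- Run in isql as the database owner.

-- Table holding the credential the application fetches at start-up.
-- It stores the password of the limited APP_USER, never SYSDBA's.
CREATE TABLE APP_SECRET (
  ID     INTEGER NOT NULL PRIMARY KEY,
  SECRET VARCHAR(64) NOT NULL
);

-- Stand-in for an ordinary application table.
CREATE TABLE ORDERS (
  ID    INTEGER NOT NULL PRIMARY KEY,
  TOTAL NUMERIC(12,2)
);

SET TERM ^ ;
CREATE PROCEDURE PASSWORD_PROC
RETURNS (SECRET VARCHAR(64))
AS
BEGIN
  SELECT SECRET FROM APP_SECRET WHERE ID = 1 INTO :SECRET;
  SUSPEND;
END^
SET TERM ; ^

-- The procedure, not the user, is what may read the table.
GRANT SELECT ON APP_SECRET TO PROCEDURE PASSWORD_PROC;

-- SECURE gets EXECUTE on the procedure and nothing else.
GRANT EXECUTE ON PROCEDURE PASSWORD_PROC TO USER SECURE;

-- The account whose password is handed out has table rights only,
-- so a leaked secret exposes ORDERS but not SYSDBA.
GRANT SELECT, INSERT, UPDATE, DELETE ON ORDERS TO USER APP_USER;
COMMIT;

-- Check: SECURE should show one row (X on PASSWORD_PROC),
-- PASSWORD_PROC one row (S on APP_SECRET), APP_USER only ORDERS rows.
SELECT RDB$USER, RDB$PRIVILEGE, RDB$RELATION_NAME
FROM RDB$USER_PRIVILEGES
WHERE RDB$USER IN ('SECURE', 'PASSWORD_PROC', 'APP_USER')
ORDER BY RDB$USER, RDB$RELATION_NAME;
```

Anyone who can connect as SECURE can still call PASSWORD_PROC, so what this layout limits is the reach of the returned credential, not access to it.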