| Subject | Re: [firebird-support] Firebird - no security??? Seems unbelievable.... |
|---|---|
| Author | Kjell Rilbe |
| Post date | 2009-11-05T20:22:25Z |
neighbour.kerry wrote:
have full control over who can access the physical file. The point is
that only the server (Firebird) is supposed to have access to the file.
All clients access it ONLY through the Firebird server.
If your situation does not fit this scheme, then you're in trouble. I
can only guess that you've got a client application that makes use of an
"embedded" Firebird database (using fbembed or not) that ships with your
application and is installed on each client machine.
If this is the case, Firebird's security model doesn't help you at all.
But then again, how could ANY security model help you? And what are you
actually trying to protect? The schema? Some data in the database? What?
If you give us full detail, then maybe we can suggest a solution that
works for you.
Kjell
--
--------------------------------------
Kjell Rilbe
DataDIA AB
E-post: kjell@...
Telefon: 08-761 06 55
Mobil: 0733-44 24 64
> 2. all someone has to do is copy a passworded database to another serverThe security model in Firebird does work well in the situation where you
> - with a password that they know - and they are in! Seems rather
> pointless using passwords at all.
have full control over who can access the physical file. The point is
that only the server (Firebird) is supposed to have access to the file.
All clients access it ONLY through the Firebird server.
If your situation does not fit this scheme, then you're in trouble. I
can only guess that you've got a client application that makes use of an
"embedded" Firebird database (using fbembed or not) that ships with your
application and is installed on each client machine.
If this is the case, Firebird's security model doesn't help you at all.
But then again, how could ANY security model help you? And what are you
actually trying to protect? The schema? Some data in the database? What?
If you give us full detail, then maybe we can suggest a solution that
works for you.
Kjell
--
--------------------------------------
Kjell Rilbe
DataDIA AB
E-post: kjell@...
Telefon: 08-761 06 55
Mobil: 0733-44 24 64