| Subject | Re: Firebird - no security??? Seems unbelievable.... |
|---|---|
| Author | neighbour.kerry |
| Post date | 2009-11-05T21:14:20Z |
--- In firebird-support@yahoogroups.com, Kjell Rilbe <kjell.rilbe@...> wrote:
We can currently access the databases of any of THEIR customer base - they simply use the standard SYSBDA/masterkey combination. We do not want them to be able to do the same to us!
As it turns out, leaving the username/password at the default seems the best thing to do. Changing it does not seem to have any meaning.
Of course, our competitor is probably not that Firebird literate. They might not know of these security issues, and once they cannot get on with the default password, they might simply assume (as I did), that the database has been secured, and give up.
>Well, we are selling a POS product into a very competitive market. Our main competitor also uses Firebird, with basically the same table structure, etc. We do not want our competitors to 'play around with' our databases. If they wanted us to look bad, all they would have to do is delete some of our tables, or just alter a bit of data. We do not want that to happen.
> But then again, how could ANY security model help you? And what are you actually trying to protect? The schema? Some data in the database? What?
We can currently access the databases of any of THEIR customer base - they simply use the standard SYSBDA/masterkey combination. We do not want them to be able to do the same to us!
As it turns out, leaving the username/password at the default seems the best thing to do. Changing it does not seem to have any meaning.
Of course, our competitor is probably not that Firebird literate. They might not know of these security issues, and once they cannot get on with the default password, they might simply assume (as I did), that the database has been secured, and give up.