Subject | Re: [firebird-support] Firebird security acessing database on other server as SYSDBA |
---|---|
Author | Iwan Cahyadi Sugeng |
Post date | 2012-03-06T02:33:19Z |
What i wish for the security system is at least if we deliver our program
to customer without having direct access to the implementation (customer
install it by them self), we can say to them that by default the database
is secured and can not be easily accessible by other user even if they move
the database to another Firebird server instance.
to customer without having direct access to the implementation (customer
install it by them self), we can say to them that by default the database
is secured and can not be easily accessible by other user even if they move
the database to another Firebird server instance.
On Tue, Mar 6, 2012 at 5:41 AM, Ann Harrison <aharrison@...>wrote:
> **
>
>
> On Mon, Mar 5, 2012 at 6:32 AM, marcelo.tropia <marcelo.tropia@...
> >wrote:
>
>
> I think the solution would be saving the SYSDBA password inside the
> > database and encrypting it.
> >
> > What do you think?
> >
>
> I think that would slow down the idly curious, but would not provide
> serious security to anyone with the C++ skills to build a copy of firebird
> without authentication. The security challenges of an ope source database
> are quite different from a closed source system. But even with a closed
> source database that is not encrypted, a determined programmer can find the
> data in the file, given read access to it.
>
> Good luck,
>
> Ann
>
>
> [Non-text portions of this message have been removed]
>
> --
Iwan Cahyadi Sugeng
Interaktif Cipta Lestari
[Non-text portions of this message have been removed]