Subject Re: [IBO] IB_Connection and PasswordRemembered
Author lester@lsces.globalnet.co.uk
> So the question becomes...
>
> Do I set about changing IB_Connection so that there is some property
> based mechanism whereby you can avoid the protection mechanisms OR do
> we simply insist that developers hardcode their passwords if that is
> what they want?

I can live with the 'problem' as I have a mechanism to override the username
and password anyway, and have just had to put the default in there.

> It is not just a matter of whether the individual users need to be
> authorised, but also whether the client is happy that...
>
> 1. The users can easily discover the password and access the
> database with ANY program (such as IB_SQL etc).

CURRENTLY all of my sites are controlled from secure areas with some sort of
controlled access, or the sites are on a 'secure' network without a means of
local control. So the terminals are set up without user logon as that causes
more problems.

> 2. That anyone with access to the program can discover the password
> and access the database (presuming they can establish a connection) -
> again with any program.

As above, so they can't establish a connection unless they are cleared for
the building.

> 3. Security cannot be improved in the future without recompiling the
> program.

The current Interbase security is a joke anyway - but it does not bother me -
and probably quite a few other people as well. When something better is
provided, then we will have to re-compile anyway?

> Now that I've had my say ;-) you are welcome to tell me that you still
> want a property on the IB_Connection that will let you store the
> password in the DFM without any protection at all. (You won't convince
> me to make that the default, but you may convince me that it is
> appropriate to have it as an option.)

I thought the jumbled characters were the protection for IBO4 and I think that
this is a simple compromise to allow simple storage, but perhaps it should be
applied to the user name as well?

My only real complaint was that I had set 'PasswordRemember' to true, and
expected to run the program at a remote site - which it did not - and I had a
short panic while I tried to get that site running again. Fortunately it was
not a critical site.

( I lost my system at Paddington Station - the terminus from Heathrow airport
- for four hours because the air conditioning system had failed and the
equipment room hit 50°C - frying both servers - so panic is the norm - at
least they will get a bill and can't complain about availability )

--
Lester Caine
-----------------------------
L.S.Caine Electronic Services