Subject Re: [IBO] Start Interbase when my IBO App runs?
Author Helen Borrie
At 09:53 PM 14-09-01 +1000, you wrote:
> > I know it's OT, but how can you keep interbase local,
> > i.e. not allow others to open my databases? I tried
> > to ask it in IB forums, but didn't get any response
>If I have understood correctly, both Borland and Phoenix have
>"licenced" versions of Interbase/Firebird.

Confusion here - first, there is no "Phoenix version"; and, secondly, Firebird has no licensing code whatsoever.

>Presuming that the
>licencing is setup the same as in IB5 then it would be simply a matter
>of not installing the network access licence.

The Borland InterBase network access licence simply allows a larger number of remote clients to log in to the server.

>Of course if you built your own copy of Firebird from the source you
>could probably take care of this more directly.

It's hard to see what this would solve...

It is in fact a serious problem with InterBase security that, if a client has a remote licence and SYSDBA access to the server, it can log in. For Firebird, even a remote client licence is unnecessary. If the server is running on your machine and other people who have SYSDBA privileges can access it, you can't keep them out.

The first obvious precaution is to make sure that you are the only person in your network who has SYSDBA access to the server on your machine and change the password frequently to keep it that way.

There are strategies that you can employ, using roles, to prevent SYSDBA from getting access at all. For exact details, search Dalton Calford's recent posts to the mers list with the subject prefix [IBSECURITY]; or perhaps Dalton won't mind if you email him directly...


All for Open and Open for All
InterBase Developer Initiative ยท