Subject RE: [IBO] passwords
Author Ettienne du Plessis
Hi helen

Thanks for the information. I just hope everybody thinks before they they
change the SYSDBA password.

-----Original Message-----
From: []On
Behalf Of Helen Borrie
Sent: Saturday, May 28, 2005 01:00
Subject: Re: [IBO] passwords

At 03:43 PM 27/05/2005 +0200, you wrote:
>I would like to know.If firebird is allready installed on a machine and the
>sysdba password has been changed.
>The way i understand it is that i will not get into my application without
>someone telling me what the new password is and what
>happens if the person that has it installed does not know the password. I
>can't change it back because that would make his application stop.

You are not meant to hard-code passwords in applications that are intended
for production use. You should use a login dialog, where the user enters
the password, and don't store the password at all. Set PasswordStorage (on
the connection object) to psNone.

If you store the username, then the login dialog will default to that
username. Unless you code otherwise, the username can be changed in the
login dialog. (Look at IB_SQL to see how it works).

Of course, if you deploy your application to a site where the SYSDBA
password is not known, *everyone* has a problem!

The recommended thing to do is to have an Owner user. This Owner should
create the database and all of the objects in it. Then, on site, if you
have to do an upgrade of your software, you can add this user to the
security database and log in as Owner.

You should set up "ordinary" users for the people who use the system, and
install SQL access privileges for them.


IB Objects - direct, complete, custom connectivity to Firebird or InterBase
without the need for BDE, ODBC or any other layer.
___________________________________________________________________________ - your IBO community resource for Tech Info papers,
keyword-searchable FAQ, community code contributions and more !
Yahoo! Groups Links

No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.322 / Virus Database: 266.11.17 - Release Date: 25/05/2005

No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.322 / Virus Database: 266.11.17 - Release Date: 25/05/2005

Please note: This email and its contents are subject to the disclaimer as
displayed at the following link
Should you not have Web access, send a mail to webmaster@... and a
copy will be emailed to you.

[Non-text portions of this message have been removed]