On 20-5-2019 12:54, sbai...@mutualconsultants.ltd.uk [firebird-support]
wrote:
>> You cannot do that if you
>> 1) Have no access to the file (and server file system as whole).
>> 2) Don't know password of database owner.
>
> 1) Yes agreed, you need access to the file - so I have been testing
20.05.2019 12:54, sbai...@mutualconsultants.ltd.uk [firebird-support] wrote:
> 2) In my testing I was able to open MyDB and view its contents *without
> *knowing the
> owner's password just by making it use my default security.fbd and
> SYSDBA/masterkey.
For this you again must have access
Dimitry,
> You cannot do that if you
> 1) Have no access to the file (and server file system as whole).
> 2) Don't know password of database owner.
1) Yes agreed, you need access to the file - so I have been testing what
happens if the file does somehow fall into the wrong hands
2) In
Hello,
So, I did understand correctly - anyone can open any Firebird database and view the data
(unless it happens to be encrypted).
No, not exactly, - you can protect from scenario with replacing security
database with a change of database owner (create database under MyUser).
I am
20.05.2019 12:32, sbai...@mutualconsultants.ltd.uk [firebird-support] wrote:
> anyone can open any Firebird database and view the data (unless it happens to
> be encrypted).
Yes, and it is true for any database server.
--
WBR, SD.
20.05.2019 12:19, sbai...@mutualconsultants.ltd.uk [firebird-support] wrote:
> What stops me taking a copy of SecretDatabase.fdb and connecting to it on my
> own Firebird
> installation?
You cannot do that if you
1) Have no access to the file (and server file system as whole).
2) Don't know
Alexey, thank you for the extremenly quick response.
So, I did understand correctly - anyone can open any Firebird database and
view the data (unless it happens to be encrypted).
I am rather shocked by that.
Steve Bailey
Hello,
This is the point where I confess to being confused. I presume I am
wrong but it looks like any Firebird database has a "public back
door". What stops me taking a copy of SecretDatabase.fdb and
connecting to it on my own Firebird installation?
If you have access to Firebird server
I am new to Firebird, trying to understand how it handles user security.
I want to create a database owned by and accessible to only one user - and
that should not be SYSDBA.
Let's call the database MyDB.
In databases.conf I created an alias for MyDB and specified that it should be
