On Monday, August 24, 2015, Adriano dos Santos Fernandes <adrian...@gmail.com> wrote:

> On 24/08/2015 09:16, James Starkey wrote:
> >
> > No problem other than this requires that database account credentials
> > be on the client disk and therefore theoretically available to an
> > attacker.
> >
> > There is no way to make any of this easy.
>
> I think it's clear that when you mix:
> - A possible attacker has physical access to the server
> - An open source product
> - An "autonomous server", that gets keys from a file or from network
>
> You cannot have security. With only two of these three items you still
> never cannot.

Go back and re-read the scheme I outlined. The idea is that the server isn't autonomous but requires a key provided from an external network connection to be fully functional -- but then it doesn't need to be fully functional until a network connection shows up.

> I think people should understand that they cannot put their own software
> with the database on a customer and avoid him to steal database data and
> objects in this situation.
>
> This security is fake. It can only be beneficial for some
> people/organization to do "consulting services" to break Firebird
> security and earn lots of money with easy work.

Before you declare it fake, show the flaw.

--
Jim Starkey
------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel