On 04/25/2016 03:51 PM, Emil Totev wrote: >> From: Alex Peshkoff <peshk...@mail.ru> >> Subject: Re: [Firebird-devel] User password for encryption >> To: firebird-devel@lists.sourceforge.net >> Message-ID: <571e0924.3010...@mail.ru> >> Content-Type: text/plain; charset=windows-1252; format=flowed >> >> On 04/25/2016 11:28 AM, Emil Totev wrote: >>> How difficult would it be to get the user password to the encryption / >>> key holder plugin, especially for an embedded connection? >> I will start from the most simple part - embedded connection. As far as >> I understand you ask about password which is used to login to the server >> (isc_dpb_password) Unfortunately question makes no sense - for embedded >> connection password is not needed at all and no authentication plugin is >> used (even when password is present in DPB it's just ignored). On the >> other hand it's not too hard to add to firebird engine a code, passing >> isc_dpb_password value to key holder plugin (as one of a keys for >> example). But that hardly makes much sense on my mind. > Then, how would you pass a key to the engine in the embedded case?
If the key to be passed from application the best way is to use callback. Unlike other methods key in this case is not touched by open source code making possibility of stealing it much smaller. ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
