Em 5/3/2012 16:19, Marcelo Trópia escreveu: > Hi Iwan, thank you. > > Regarding DB2 security (mainframe DB2 no z/OS), yes, there is this kind of > security. If someone copy the VSAM dataset (DB2 tablespace access method) > and try to register this tablespace on other DB2 instance, DB2 will not > accept it because dbid and obid identifiers are stored inside the dataset > and you need to know these identifiers to inform to DB2. Someone with a deep > knowing of DB2 (a hacker) could discover these identifiers, but it is not > easy. > > Best regards, > Marcelo >
What DB2 implements is Security by obscutiry.... I understand you concern, but there is no security if you cannot garantee it at file system level. Even if FB 3.0 stores the user information inside database, it will be easy to complie a new version of FB that bypass the user authentication. It's easy to circunvent it in FB since it is open source, and anyone could analyze the code and recompile it. see you !
