On 16/03/2013 20:38, Leyne, Sean wrote: > >> On 15/03/2013 07:32, Mark Rotteveel wrote: >>> But you are assuming that the user actually knows how to configure a >>> firewall (or even knows what a firewall is). Not all people who >>> install Firebird are system administrators or are aware for the need >>> to secure things. Serious users of Firebird are (or should be) aware >>> of that, but for example students who only install Firebird for a >>> small project are - most of the time - not. An installation that by >>> default restricts to localhost will 'protect' those users, while only >>> adding a small burden to serious users. >> AOL. >> >> FYI, did you see my comment that LibreOffice are thinking about making >> Firebird the default database? What do you think that's going to do to the >> number of your naive users? >> >> As I also said, I'm not at all sure what they're planning will actually >> work, but >> be aware you might be in for a shock down the road a little. >> (I understand databases, I'm not sure how much real experience the guy >> planning the roadmap has...) > No one has said that LO will use the server install of Firebird, it could > just as easily use the embedded engine which would not have any of the > network security issues which have been described.
Ah. I get the impression from what I read that they're not aware of the embedded engine (comments like "will we need to have a full server install of Firebird?"). I wasn't aware of it either. So that's good news. (Because LO is MPL, they don't want to use as part of the official build anything that is (L)GPL, so that rules out the more familiar option of Mariadb/MySQL.) That, however, isn't what worried me. I'd rather not go there until I know more but I saw some comments that had me screaming "data integrity! data integrity! data integrity!". Given that it's likely to become my baby like it or not - and that at the moment I don't know enough about it so I don't really want to go there - I won't say much. But if they do what I think they mean, we're looking at enforcing single-user to avoid data corruption. Not good. But the embedded engine stuff may void my worries. As I say, my alarm bells are ringing but I don't know enough to know whether it's justified. (I've been involved in - actually started - an attempt to write a database engine. Been there, tried that, failed to get the t-shirt :-) Cheers, Wol ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
