Dalton Calford wrote: > I still argue that we should take the opportunity to not only > fix this issue, but to improve the FB product functionality.
Part of the problem is the timing. How much do the Firebird developers really want to implement right now before v3.0 release. Another part is that application developers need an overlap between the removal of the old feature and the introduction of the new - because this allows the migration to be done in a more controlled manner. Hence my previous suggestion that option 4 is the best way to go _now_ - if that is viable. Any improvement/replacement features should be discussed separately. > The core requirement is to stop non-authorized users from > viewing source code. The current process is to delete the > source code from the database. [...] > So, a database can theoretically have some items that are > encrypted on the database owners security authorization that > even SYSDBA can not see, nor can they decrypt since the on > disk records are encrypted using the database owners > encryption key vs the regular users encryption key. [...] The core requirement, as I understand it, is to prevent legitimate customers (who possess a copy of the database that they access from a Firebird server running on their own machine) from extracting the source code. [Cutting this short, because Jim has already covered the point I was going to make about replacing the server to extract the data and/or keys.] -- Geoff Worboys Telesis Computing Pty Ltd ------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
