20.11.2015 12:42, Alex Peshkoff wrote: > They can. Callback format is: > > uint callback(uint dataLength, const void* data, uint bufferLength, > void* buffer); > > I.e. they can pass any data between each other.
If you are talking about the case of shipped database or when intruder got a full control on server, it won't help, because crypt plugin provides the same info to every key holder and key holder provides the same into to any crypt plugin. Actually, for a shipped database using of key holder has no meaning at all. >> > That's not our area of responsibility. We provide opportunities, not >> > enforce solutions. >> >Nothing prevents anybody from edit of firebird.conf and disable default key >> >holder. > I.e. you suggest as default unsafe opportunity. > Defaults should be configured as safe as possible. And that's exactly the case. Bigger safety is impossible for default installation. The case when crypt plugin exists and it uses a key holder is very far from default and it cannot be made worse. -- WBR, SD. ------------------------------------------------------------------------------ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
