What about a new parameter in firebird.conf: EmbeddedDatabaseAccess, defaulted to "Restrict Self" (which is OK for 99% embedded apps)?
It will be checked for outgoing embedded connections, as they're usually (*) handled by the same engine. Remote connections will be always allowed and protected by the generic authentication. (*) The problem here is what to do if the external routine explicitly loads a different y-valve with possibly different engine (using a different configuration). Dmitry ------------------------------------------------------------------------------ Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
