Elmar... Thank you for your reply regarding protecting a Firebird Embedded Database.
However, why is it assumed that a database file that is stored locally cannot be breached by unauthorized access? Given the nature of sophisticated security breaches and hacking endeavors today, such data files can be breached by determined specialists even if they are not on site. All other database engines that I have worked with provide password protection, even SQLite, which is used primarily for desktop and device applications. I agree that the best way to protect any such database file is either through internalized encryption, which I believe is now offered with Firebird 3.xx or complete file encryption. However, would it not be easy enough for the Firebird Development Group to simply implement the security constructs for the embedded edition as it is for its server-side siblings given that all such editions are primarily the same? In any event, thank you once again for your quick reply... 😊 Steve Naidamast Sr. Software Engineer [email protected] [cid:5dd563dd-e1c8-41ff-8c06-9187c92572a5] ________________________________ From: [email protected] <[email protected]> on behalf of Elmar Haneke [email protected] [firebird-support] <[email protected]> Sent: Thursday, December 19, 2019 4:15 AM To: [email protected] <[email protected]> Subject: Re: [firebird-support] Re: Securing Firebird Embedded database > Is there any way to secure the FDB file from unauthorized access (other than > compression and encryption, which I am starting to implement in my project) > and if not, is there expected to be at least password protection for the > Embedded edition in Firebird 4.0? Password protection does assume the database file stored out of reach of illegitimate users. Legitimate server admin can always access database. Encryption is the only method to make illegitimate access to database content more difficult - its not really impossible if you have to store encryption keys within your application. Elmar [Non-text portions of this message have been removed]
