RE: Firebird DB - What Does Anyone Know?

From: Taylor, Chris David <ChrisDavid.Taylor_at_ingrambarge.com>
Date: Tue, 15 Sep 2009 11:22:18 -0500
Message-ID: <C5533BD628A9524496D63801704AE56D36809ECF87_at_SPOBMEXC14.adprod.directory>

http://www.securiteam.com/cgi-bin/htsearch

Search for Firebird.

There's a few issues, but suprisingly very little compared to some apps.

Chris Taylor
Sr. Oracle DBA
Ingram Barge Company
Nashville, TN 37205
Office: 615-517-3355
Cell: 615-354-4799
Email: chris.taylor_at_ingrambarge.com<mailto:chris.taylor_at_ingrambarge.com>

CONFIDENTIALITY NOTICE: This e-mail and any attachments are confidential and may also be privileged. If you are not the named recipient, please notify the sender immediately and delete the contents of this message without disclosing the contents to anyone, using them for any purpose, or storing or copying the information on any medium.

From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Scott Canaan Sent: Tuesday, September 15, 2009 10:41 AM To: oracle-l_at_freelists.org
Subject: Firebird DB - What Does Anyone Know?

One of our departments is looking at a product that uses a Firebird database. I've done some online research and found out that it is an open source database. I've brought this up with the vendor, stating that since its open source it's easy for hackers to get a copy to play with. Their response was to challenge me to break into their system and database, which I thought was an interesting response. It was the only technical question thrown at them that they got visibly angry about. My question is: Is anyone familiar with this database and how secure it is? If so, does it support any kind of encryption? I've not been able to find anything about encryption, either the data itself or network, on this product. In the end, if the department purchases this package, we won't be supporting the database, but I'm trying to do my due diligence in advising them of any issues, particularly security issues, that I can find.

Thank you,

Scott Canaan '88 (Scott.Canaan_at_rit.edu)

(585) 475-7886

"Life is like a sewer, what you get out of it depends on what you put into it." - Tom Lehrer.

--
http://www.freelists.org/webpage/oracle-l

Received on Tue Sep 15 2009 - 11:22:18 CDT

This message: [ Message body ]
Next message: Niall Litchfield: "Re: How to find out if my index is optimal or scattered"
Previous message: Paul Drake: "Re: How to find out if my index is optimal or scattered"
In reply to: Scott Canaan: "Firebird DB - What Does Anyone Know?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message