Experimenting with Firebird
I'm looking at using the Firebird (previously InterBase) SQL database in a project, because it sounds quite good, works on Windows as well as Linux (unlike PostgreSQL) and can be distributed with commercial software without a licensing fee (unlike MySQL).
One scary thing about it is that it seems to have been built in the time before security was considered important (on Windows, that is). Databases are just files on the hard disk, except the database process runs as a privileged user and appears to be able to drop database files wherever it likes. I'm going to have to do something about that if I want to give this to anybody else. Adding a CVS-like "only allow this specific file to be accessed" command-line option should do the trick. Also restricting TCP connections to localhost would be a good plan.
Some bookmarks:
* Conceptual Architecture for InterBase/Firebird
* IBPhoenix Development
* High-level Description of the InterBase 6.0 Source Code
* A Cut Out and Keep Guide to the Firebird Source Code
* InterBase BLOB Fields: A Primer
* Comparing BLOB, CHAR and VARCHAR
One scary thing about it is that it seems to have been built in the time before security was considered important (on Windows, that is). Databases are just files on the hard disk, except the database process runs as a privileged user and appears to be able to drop database files wherever it likes. I'm going to have to do something about that if I want to give this to anybody else. Adding a CVS-like "only allow this specific file to be accessed" command-line option should do the trick. Also restricting TCP connections to localhost would be a good plan.
Some bookmarks:
* Conceptual Architecture for InterBase/Firebird
* IBPhoenix Development
* High-level Description of the InterBase 6.0 Source Code
* A Cut Out and Keep Guide to the Firebird Source Code
* InterBase BLOB Fields: A Primer
* Comparing BLOB, CHAR and VARCHAR