How to protect my metadata from users?


Short answer:

It's hard to do it once they have access to the database file.

You can hide or encrypt bodies of stored procedures and triggers, although they can be partialy reconstructed from BLR (binary representation) if someone really wants to do it.

If you just want to prevent casual users from peeking into your stored procedure, trigger and view code, you can run these statements to delete the source code:

update RDB$PROCEDURES
set RDB$PROCEDURE_SOURCE = null
where RDB$SYSTEM_FLAG is null or RDB$SYSTEM_FLAG = 0;

update RDB$TRIGGERS
set RDB$TRIGGER_SOURCE = null
where RDB$SYSTEM_FLAG is null or RDB$SYSTEM_FLAG = 0;

update RDB$RELATIONS
set RDB$VIEW_SOURCE = null
where (RDB$SYSTEM_FLAG is null or RDB$SYSTEM_FLAG = 0)
and RDB$VIEW_BLR is not null;

Make sure you do that only on production databases, and not on your development system. Also, please note that once you run ALTER command on those objects, the source will be restored.


Long answer and more details can be found here:

http://www.firebirdsql.org/manual/fbmetasecur.html


Do you find this FAQ incorrect or incomplete? Please e-mail us what needs to be changed. To ensure quality, each change is checked by our editors (and often tested on live Firebird databases), before it enters the main FAQ database. If you desire so, the changes will be credited to your name. To learn more, visit our add content page.

If you are a commercial tool maker and your tool features a great way to handle the issue written about in this FAQ, please check out our advertisement page.



All contents are copyright © 2007-2017 FirebirdFAQ.org unless otherwise stated in the text.


Links   Firebird   News   FlameRobin   Home Inventory powered by FB  
Add content   Advertise   About  

Categories
 Newbies
 SQL
 Installation and setup
 Backup and restore
 Performance
 Security
 Connectivity and API
 HOWTOs
 Errors and error codes
 Miscellaneous