firebird-devel

Re: [Firebird-devel] Using Fbembed as a client for IB5.6

[Mike N. <ta...@al...>]

Nando Dessena wrote:

> M> To put remote access in the local server not only creates security
> M> holes the size of Windows 9x run by idiots clicking on any and
> M> every attachment they get, it also muddies the waters of
> M> where what borders are.
>
> Can you elaborate on the first point?

It's doing two things at once. Both acting as (what the user
installing the software might have been led to believe) a local, embedded,
server. But then in addition it also takes the right to do remote
connections to servers the user might not know about.

I see it a bit like starting up Excel (used as example of an inherent
local-only, single user, application), only to find out Microsoft put in
"phone home" software in it that you didn't know about. If the user is
notified that "This version of fbembed not only contains the local server,
it also has the capability to connect to other Firebird servers" that's
cool, but in all honesty I'd rather try to keep this functionality in
fbclient.dll where it (again, IMHO) belongs.

Perhaps the y-valve compiled into fbembed.dll could look for fbclient.dll
and if present use that one for remote connections (implies if it's not
present, no remote connections are allowed)? IIRC there is (or at least was)
some DLL loading code in it, though it looked for DLLs with names like AAAA,
BBBB, or something like that.


> As for the second, I don't see
> it as architecturally dumb as you.

From the features POV it probably looks fine. It can provide requested, even
needed, utility. From the side of "KISS" and security it looks... less
appealing to me.

> To me it looks slick, in fact.
> I'd dare to propose that fbembed should be able to be used as a client
> even for a local server (that is, connecting to databases through the
> local protocol), e.g. a way should be found to specify in the
> connection string whethere it's an "embedded" connection or one to be
> forwarded.

Once it has been given the capability to do remote connections, it can
connect to whatever machines it likes using whatever protocol it supports.

> >> Of course I plan to use dialect 1 exclusively, for now.
>
> M> How would that be obvious? Personally I use nothing but dialect 3, and
> M> I don't see a reason to hang on to anything older unless forced to.
>
> I am. See the subject line.

*smack* (that was the sound of "one hand clapping") :-) Sorry.

/Mike

Re[2]: [Firebird-devel] Using Fbembed as a client for IB5.6

[Nando D. <na...@de...>]

Mike,

MN> If the user is
MN> notified that "This version of fbembed not only contains the local server,
MN> it also has the capability to connect to other Firebird servers" that's
MN> cool, but in all honesty I'd rather try to keep this functionality in
MN> fbclient.dll where it (again, IMHO) belongs.

MN> Perhaps the y-valve compiled into fbembed.dll could look for fbclient.dll
MN> and if present use that one for remote connections (implies if it's not
MN> present, no remote connections are allowed)? IIRC there is (or at least was)
MN> some DLL loading code in it, though it looked for DLLs with names like AAAA,
MN> BBBB, or something like that.

Looks like a good compromise to me, and architecturally it certainly
makes the most sense. Let's see what others think.

>> I'd dare to propose that fbembed should be able to be used as a client
>> even for a local server (that is, connecting to databases through the
>> local protocol), e.g. a way should be found to specify in the
>> connection string whethere it's an "embedded" connection or one to be
>> forwarded.

MN> Once it has been given the capability to do remote connections, it can
MN> connect to whatever machines it likes using whatever protocol it supports.

Not if it takes all local connections strings for itself. A way to
clearly identify an embedded connection strings would be needed to be
able to differentiate (e.g. embedded:c:\localdatabase.fdb vs
c:\localdatabase.fdb).

Ciao
-- 
Nando                            mailto:na...@de...