GSEC is the security database manipulation utility. It allows the DBA (or any privileged user) the ability to maintain user accounts for various Firebird databases. Using various options, users can be added, amended or deleted from the security database.

Normal users, ie those not endowed with DBA privileges, can only see their own user details from version 2.0 of Firebird. They can, however, change their own passwords with the new version. Previous to the new version, the DBA had to make the changes.

The Firebird database holds details of all users in a single security database. This is located on the server in a normal Firebird database named security.fdb for Firebird 1.5 or security2.fdb for Firebird 2.0 onwards. The default locations for this file are :

The security database has two tables, users and host_info. The host_info table is empty and the users table holds the details of each user allowed to access any Firebird database. Having said that, database roles and privileges will prevent users logging into and manipulating databases to which they have no rights.

The GSEC utility manipulates data in the users table in the security database, and by doing so, allows users to be added, amended and deleted from the system. Not all columns of the users table are able to be displayed, even though they can be amended. The user's password column is never shown by GSEC, but you can change it, for example.

Like most of the command line utilities supplied with Firebird, GSEC can be run in interactive or batch mode and has a help screen showing all of the utility's options, we'll be seeing that a little later on.

Coming up in this chapter, we have :