|Re: [IB-Architect] Journaling support?
> However, there are security holes which the database system canI believe that this 'crash' issue is resolved in 6.0 in that
> really help to close. For example, with any legitimate Interbase user
> account I can effectively crash my Interbase server by writing
> to a database until the disk fills up.
we return an error when there is no disk space left on the
device. Actually, I've never seen this crash but, rather
hang the client.
> I can also create a new database any time I wantI would think that putting security on DDL would be a reasonable
enhancement. (eg. GRANT WRITE ON CREATE DATABASE TO xxxx).
> since I already know the file path to an existing databaseAre you using the BDE? If not, it should be pretty easy to hide
> and can create a new one which sits right next to it.
the file location from the end user.
> Then, as owner of that database, I can map external files toYou would have to have OS write access for the directory here.
> perform mischief.
And the IBServer process would need read/write access to the
external file location. Also some meta data SQL security
could prevent the creation of exteral file objects in the
Good points of weakness. Areas that I think could likely
be strengthened without major changes. Others would need
to confirm though, I am speculating.