Subject Re: [Firebird-Architect] Security question (was: CVS: firebird2/src/jrd jrd.cpp,1.206,1.207)
Author Dmitry Yemanov
"Adriano dos Santos Fernandes" <adrianosf@...> wrote:
> Talking about SF #1155520.
> I missed in the bug report that non-database files can be everwrited too.

In other words, we have three ways to process the overwrite flag during
database creation:

1) Database exists - overwrite is allowed for SYSDBA/owner
2) File exists, but this is not a FB database - ???
3) File doesn't exist - creation is allowed for every user

AFAIU, item (1) is partially broken now, because the status vector is not
cleared for a handled error.

Item (2) requires more thinking. The legacy behaviour is that every user can
overwrite non-database files. Another possible option is to restrict such an
operation to SYSDBA only. And we also could reject all such attempts. I'd
suggest that we rollback to the legacy behaviour for Alpha 2 and continue
thinking after that. I'd pretty much hate to defer the Alpha 2 release
because of that as well as release it incompatible with older versions.