Subject Re: [IBDI] Internet
Author Peter Morris
> Well, if the local hacker cannot connect to the dbms because
> of no allowable user name and password then it would be difficult
> to see anything.

A hacker could quite easily be a customer on the same host. Or put another
way, another customer on the same host may decide to have a look around and
then cause a mess on your DB.

> Indeed on a *nix system the entire directory could be made invisible to
> persons not of the correct group. Try something
> like:
> chmod 660 directoryname.

2 points.
1) I am a bit confused by this. Isn't it the DBServer that reads / writes
the file? Therefore wouldn't the OS user be the same no matter who was
logged in? (i.e., Apache user, or IB user)
2) I don't think setting OS security quite makes up for the lack of security
in a DB server. This could just as easily be on an NT box.

> The real problem is how to allow some access without exposing
> everything. And the solution to THAT is to disallow isql
> access as stated before.

You are talking to a newbie here. If isql was disallowed would that not
stop ME from altering my own database?

Either way. When it comes to security there are two approaches:
1) Every right is disabled. When you realise something isn't working
you turn it on. That way everything you need is on, everything you don't is
2) Every right is enabled. You have to work out what is available and turn
off what you don't want/need or what is a security risk.

I like option (1) in my software. IB seems to use mostly Option(2).
The problem with Option 2 is that you need to do a lot of work to make the
app in question safe security-wise. Needless to say most people won't find
out all the options they need to disable and every process needing
undertaking. Whereas with Option 1 you will certainly be aware if security
is stopping you from doing something you want to do, and will then spend the
time working out what you need to change.

A (remains nameless) proxy for Windows I once installed came with option 1.
It was so reassuring to find out that the default settings allowed people on
the internet full access to all the hard drives on my machine, and any other
shared drive on the machines on my private network :-) Needless to say I
eventually settled with another proxy instead.