Subject Re: [firebird-support] Important security question
Author Helen Borrie
At 12:21 PM 15/09/2003 +0200, you wrote:
>I would ask if there is some permission to revoke to don not allow oridinary
>user creating own database on server ? If it is not available please
>consider it as very important addidion to current 1.5 version , before
>final release (and resend this question to Firebird-devel).
>I want to guarantee that some malicious user (dissatisfied with job salary
>;-) could not create and populate so big database on server that will use
>all available disk space (could it be recognized as Denial of Service
>attack ?)
>Please , give me an answer , i'm rather new in Firebird world.

We have not yet designed an installer package that will feed important
information into the user's brain by osmosis.<g> So -- READ!!

In firebird.conf, use the DatabaseAccess parameter with the Restrict
option. Restrict database access to be only in specified directory
roots. Don't give ordinary users any filesystem permissions to these
locations. And make sure you keep the SYSDBA *very* well-paid. :-))

Documented in both the firebird.conf itself AND in the releasenotes.