| Subject | Re: [firebird-support] Important security question |
|---|---|
| Author | Nando Dessena |
| Post date | 2003-09-17T15:15:29Z |
Helen,
H> password
At least I must give it to firebird itself <g>, and that's enough to let every user
defined in security.fdb create huge databases on whatever path I put
databases on the server.
H> If you are talking about "firebird users", meaning database users, they
H> don't need filesystem privileges to access the database files or the server
H> location and they should not have it.
Sorry for being unclear. I wrote "firebird user" meaning whatever
accound the firebird server runs under. You state that database users
do not need filesystem privilege, which is true, and that's the exact
reason why your first suggestion (Don't give ordinary users any
filesystem permissions to these locations) isn't effective.
We'd need to be able to revoke a "create database" privilege that
unfortunately doesn't exist AFAIK.
Using aliases helps a bit, by obfuscating the real paths, but it's not
really secure.
Do you or anyone else know a workaround?
Ciao
--
Nando mailto:nandod@...
>>H> Restrict database access to be only in specified directoryH> Well, the obvious way to avoid it is not to give anyone the firebird user's
>>H> roots. Don't give ordinary users any filesystem permissions to these
>>H> locations.
>>
>>Unfortunately this does not help, since the firebird user will need
>>full access to those folders regardless of ordinary user limitations.
>>
>>I don't know of a way to avoid this, short of using quotas.
>>I would be really glad to hear of one, though.
H> password
At least I must give it to firebird itself <g>, and that's enough to let every user
defined in security.fdb create huge databases on whatever path I put
databases on the server.
H> If you are talking about "firebird users", meaning database users, they
H> don't need filesystem privileges to access the database files or the server
H> location and they should not have it.
Sorry for being unclear. I wrote "firebird user" meaning whatever
accound the firebird server runs under. You state that database users
do not need filesystem privilege, which is true, and that's the exact
reason why your first suggestion (Don't give ordinary users any
filesystem permissions to these locations) isn't effective.
We'd need to be able to revoke a "create database" privilege that
unfortunately doesn't exist AFAIK.
Using aliases helps a bit, by obfuscating the real paths, but it's not
really secure.
Do you or anyone else know a workaround?
Ciao
--
Nando mailto:nandod@...