| Subject | Re: [firebird-support] Re: Database Security, or lack thereof |
|---|---|
| Author | Geoff Worboys |
| Post date | 2005-05-08T22:47:52Z |
>> Here are some more:There have been some very long standing and quite glaring
> Read all that already. Most of it deals with physical
> security issues which exists on any platform.
> I was just suprised at the lack of logical security in the
> database. I wasn't even trying and was able to wreck it.
holes in Firebird security (mostly items outstanding from the
days as Interbase).
The holes generally relate to the ability for insiders (people
that already have some level of access) to perform denial of
service attacks. eg: Creating objects and filling them or
resetting generator values.
The fact that these have continued to exist for so long I
think must reflect the nature of implementations used (insider
attacks are not considered to be of critical importance for
all installations).
>> It is quite possible to create a secure environment usingThere is an obscurity technique that I use in some of my
>> Firebird, but you must go in using the Firebird mindset.
> If so, I'd like to see an example that's not going to take
> a lot of time to set up and maintain.
installations...
I setup the application to "hash" the input passwords for all
non-administrative users. That is; The user types in a value
(can be any length, rather than the primitive 8chars that has
been possible to date) and create a hash from that input which
is converted to string and used as their access password.
Hence non-administrative users do not know their actual FB
password and so their access is restricted to using only the
application - which does not provide access for them to issue
DML or DDL directly.
Notes:
- It is only obscurity. It is only useful whilever the actual
hashing technique remains secret, so the source cannot be open
and it remains (theoretically) possible to disassemble the
executable to discover the algorithm.
- It means that the application must provide user maintenance
facilities. Non-administrative users can only be maintained
through the application - the FB supplied utilities such as
gsec will not be useful.
So the technique is not perfect but has been adequate for the
installations that I have been supporting.
As already noted in other posts: Plans exist for improvements
in built-in FB security in future versions.
--
Geoff Worboys
Telesis Computing