| Subject | Re: Coexistance of autonomous applications |
|---|---|
| Author | lafrashenning |
| Post date | 2007-11-13T08:16:31Z |
Is it possible to use the embeded firebird to create the database and
add users, then to switch to superserver and login as the user
created using the embeded server.
add users, then to switch to superserver and login as the user
created using the embeded server.
--- In firebird-support@yahoogroups.com, Helen Borrie <helebor@...> wrote:
>
> At 05:38 PM 13/11/2007, you wrote:
> >Thanks Helen,
> >
> >The problem is the other software has control of the SYSDBA and the
> >client has no idea what the password is.
> >
> >And the other software vendor is nowhere to be found.
> >
> >So no one can create anything using the existing SYSDBA.
> >
> >Is it possible to load a file (.fdb) that already contains its users
> >to the clients computer?
> >I.E. Can I create a fdb file on my computer and just copy it to the
> >other and use the same user credentials?
>
> If you are talking about replacing the security database entirely
then, yes, this is possible. (security.fdb on Fb 1.5, security2.fdb
on Fb 2.0, and they are not interchangeable).
>
> Perhaps still don't realise that user authentication (that's the
thing that you need a login name and password for) is server-based,
while user privileges are database-based. If you replace the security
database, you might well break the user's old application - if it was
written with the login name and password hard-coded in the application
(which is naughty, but unfortunately it does happen!).
>
> If the users don't currently have a utility by which it is possible
to add, delete and modify users, and it's true that nobody knows the
SYSDBA password, then the situation is really bad. If they don't
"need" to do that task then it's strongly likely they have only one
user and it is probably SYSDBA. :-( And its password is hard-coded in
the application code. :(
>
> Now, obviously, for you to do as I recommended yesterday, you need
to have someone there who can log in as SYSDBA, to create the user who
would be the Owner of your databases. Can you make a more exhaustive
inquiry about this? For example, ask around as to whether anyone
knows how to change user passwords? For Fb 1.5 and below, that person
would *have* to know the SYSDBA login.
>
> If that draws a blank, can you get hold of the source code to that
other application to find out whether there is an exposed string in
there that would give you the password?
>
> ./heLen
>