| Subject | RE: [firebird-support] Re: SuperServer on Gentoo doesn't start any more |
|---|---|
| Author | Brenden Walker |
| Post date | 2008-01-21T13:28:43Z |
> -----Original Message-----<snip>
> From: firebird-support@yahoogroups.com
> [mailto:firebird-support@yahoogroups.com] On Behalf Of skoczian
> Sent: Sunday, January 20, 2008 4:43 AM
> To: firebird-support@yahoogroups.com
> Subject: [firebird-support] Re: SuperServer on Gentoo doesn't
> start any more
>
> I suppose at this point the ISC_USER and ISC_PASSWORDI don't see this as being any more of a security risk that having the
> variables are used (the script exports them - getting them
> from /etc/conf.d/firebird, even if I can't quite see how).
>
> > Unfortunatley I don't know a thing about Gentoo so I can't tell
> you
> > more. And to me it looks like a gentoo-specific start/stop script
> issue.
> >
> Yes, it is. At the moment it's like this: I can start and
> stop the server, with 'masterkey' or with another SYSDBA
> password. But to be able to do this, I have to write this
> password as plain text into a text file. That's no real
> problem for me (local database, shouldn't be reachable from
> the net), but I don't think it's a good idea. And at the
> moment I'm unable to put this point of view convincingly into
> the Gentoo bugzilla. The bug has just been closed for the
> second time. That's what really bothers me.
FDB file on your HD. The firebird file in /etc/conf.d should be
readable by root only anyway. Easily compromised with local access (as
pretty much all machines are). If someone can get to your /etc
directory over the net, there's a bigger problem.