Subject | Re: [firebird-support] How do I prevent non-SYSDBA user from seeing DB structure? |
---|---|
Author | Zd |
Post date | 2008-11-09T19:56:19Z |
Dear Ann,
Thank you for your answer. Did you mean this paper?
http://www.firebirdsql.org/manual/fbmetasecur.html
Here is my problem:
I have a client-server architecture system using FB as a DB server.
User information is stored in a table called users (which contain usernames and password hashes).
Since some of the clients connect through the Internet, I'd like to prevent hackers from extracting the SYSDBA password from my client programs and getting full access to the database.
Someone on this forum suggested a while back that I could create a stored procedure that gives back the SYSDBA password if the user supplied a correct username / password to it.
So I created a separate DB user with execute rights to the stored procedure.
I think this should be the code for deleting the stored procedure's code:
UPDATE rdb$procedures
SET rdb$procedure_source = NULL
WHERE ((rdb$system_flag = 0) OR (rdb$system_flag IS NULL))
What does the BLR format mean? From what you wrote I suppose this BLR format can be reverse-engineered so my protection mechanism would be useless...
Any ideas to solve this whole issue? Please note that creating separate DB users is a no-go, and I must stick to sending the SYSDBA password to the client somehow...
Thank you!
----- Original Message -----
From: Ann W. Harrison
To: firebird-support@yahoogroups.com
Sent: Sunday, November 09, 2008 5:34 PM
Subject: Re: [firebird-support] How do I prevent non-SYSDBA user from seeing DB structure?
Zd wrote:
>
>
> Now the user can't read or modify any data, but it can see
> database metadata! The biggest problem is that the new user
> sees the code of my stored procedure, which has the SYSDBA
> password built-in!
>
> So the question is:
> How do I revoke the new user's rights to see database metadata?
>
You can't. By design, all aspects of the user's access to the
database are done with the access rights gained on login. If
the user couldn't read the metadata, no queries could be compiled.
However, you can delete the source of your procedure and keep
only the "blr" format of it which is harder to read. But
basically, storing the sysdba password in the database is not
clever. There's a good paper on securing metadata which I
can't find at the moment. I'm sure someone will post a link
to it.
Best
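The following is an added example, not code from either poster, illustrating Ann's point that clearing the source leaves the compiled BLR in the database; the procedure name GET_ADMIN_PASSWORD and the restricted login are assumed placeholders.

```sql
-- Added example (not from the thread): check what remains in the database
-- after the source text of a procedure is cleared, as Ann describes.
-- Assumes a procedure named GET_ADMIN_PASSWORD (hypothetical name) and an
-- unprivileged login that is only able to connect and execute it.

-- Step 1 (run as SYSDBA or the owner): clear the readable source of only the
-- procedure in question, instead of every user procedure in the database as
-- the WHERE clause on rdb$system_flag would.
UPDATE rdb$procedures
SET rdb$procedure_source = NULL
WHERE rdb$procedure_name = 'GET_ADMIN_PASSWORD';
COMMIT;

-- Step 2 (run while connected as the restricted user): system tables are
-- readable by any connected user, so this query also works for that login.
-- rdb$procedure_source comes back NULL, but rdb$procedure_blr is still there.
SELECT rdb$procedure_name,
       rdb$procedure_source,
       CASE WHEN rdb$procedure_blr IS NULL THEN 0 ELSE 1 END AS blr_present
FROM rdb$procedures
WHERE rdb$procedure_name = 'GET_ADMIN_PASSWORD';

-- Step 3: the string literals of the procedure body, including an embedded
-- password, are part of the compiled BLR blob. Clearing the source therefore
-- removes the convenient view of the secret, not the secret itself.
```

Expect blr_present = 1 for the cleared procedure; this is the check to run before relying on a cleared source as a protection.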