Subject Re: [firebird-support] Sysdba user and what they can do
Author Svein Erling Tysvaer
A simple way to prevent random users from accessing your database
through your application, is to have a 'password encryption' algorithm.
Let's say you turn the password around (admittedly, all too simple)
within your application before connecting, so that if someone attaches to
your application with user SYSDBA and uses masterkey as the password,
then your application turns the password into yekretsam before
connecting. Unless the user discovers the algorithm, it is quite
unlikely that he will ever attempt to connect correctly for sysdba,
although it is of course a slight possibility (well, turning the
password around might actually be crackable by simply using a blank
password or a password consisting of one character).

You just have to remember to create your user with the encrypted
password on the server.

If you do not control the server yourself (and hence, the users will
know both the encrypted and unencrypted password), then you'll have to
use an encryption algorithm that takes into account both the username
and password to prevent the user from simply using the same password for
sysdba as your user and in that way getting access to your program through
sysdba.

I am far from a security expert, and would not be surprised if someone
else found drawbacks with my suggestion.

HTH,
Set

Stevio wrote:
> A while back we had a discussion on here regarding the sysdba user and
> creating a user for your application etc. I'm just looking for a bit of
> guidance now and to check I am going about things the right way.
>
> I have been updating the database used by my application to be owned by a
> specific user (e.g. "myfirebirduser"), not the sysdba user. However, if
> someone logs into my application as "sysdba" instead of "myfirebirduser",
> they can still use the application just as well as "myfirebirduser" and make
> changes to the database through the application.
>
> Is the best thing to do to write code into my application to prevent someone
> logging in as the sysdba user? (I know they could still use a database
> program to access the data but I want to force them, when using the app, to
> login as "myfirebirduser".)
>
> Also, I have an existing database that I would like to change the owner and
> all the rights etc from "sysdba" to "myfirebirduser". I tried to do this
> before but didn't succeed. Can you recommend an application that I could use
> to do this and any advice about how to do it is appreciated.
>
> Thanks.