| Subject | RE: [firebird-support] Firebird 2.x security and non-SYSDBA users |
|---|---|
| Author | Alan McDonald |
| Post date | 2009-05-14T10:25:20Z |
> Hi security expertsIf you've modified security2.fdb to allow adding new users, then it's a
>
> With Firebird 1.5 I have modified the security.fdb to let an non-SYSDBA
> user add and delete USERS.
>
> The same modification works with Firebird 2.1.2 and security2.fdb only
> for adding users with an non-SYSDBA user. Deleting is not possible,
> because a non-SYSDBA user can not see other users.
>
> Two questions:
> - Is this a bug or a feature that a non-SYSDBA user can ad users?
feature YOU'VE created.
> - Can I configure firebird 2.1, so that a non-SYSDBA user (with theYou can try... You can mess with security2.fdb as much as you like but since
> needed grants in the security2.fdb) can delete users?
there is no direct access to the database file itself, you are still at the
mercy of what the security service permits in the way of access and
modification.
I'd like to know what mods you have made to allow adding users from a
non-SYSDBA account.
Alan