Subject: Can non-sysdba really alter users?
Author: Tomasz Tyrakowski

Hello,

I'd be very grateful if someone could repeat the scenario described
below and confirm I'm not daydreaming (should take about 1 minute). I've
tested it on FB 2.5.0.26074 CS (Linux 32 and 64 bit).

According to

http://www.firebirdsql.org/refdocs/langrefupd25-security-sql-user-mgmt.html

any user with RDB$ADMIN role in the security database and at least one
other database should be able to create/alter/drop other users.
If so, in my opinion the following scenario should complete without
errors (creating a new database is not relevant, but I included it to
make sure we start from a clean setup).

1. Run isql as SYSDBA and execute:
create database 'test.fdb';

2. Close isql, run it again and connect to test.fdb as sysdba (e.g. isql
-user sysdba -password topsecret test.fdb) and execute:
create user U1 password '1';
commit;
alter user U1 grant admin role;
commit;
grant RDB$ADMIN to U1;
commit;

3. Close isql. At this point, we have a user U1, who satisfies the
requirements from the manual mentioned above. So, run isql again,
connecting as the new user:
isql -user U1 -password 1 -role 'RDB$ADMIN' test.fdb
and execute:
create user U2 password '1';
commit;
alter user U2 password '2';
commit;

The last alter user statement fails with the message

Statement failed, SQLSTATE = HY000
record not found for user: U2

However, the create user works fine (gsec shows that U2 had been
created). Any subsequent attempts to change U1 fail, though.
Is there anything I'm missing? Should I somehow tell Firebird that, when
connecting as U1, I'd like to assume admin role not only in test.fdb,
but also in the security database?

Any help appreciated.

regards
Tomasz

--
__--==============================--__
__--== Tomasz Tyrakowski ==--__
__--== SOL-SYSTEM ==--__
__--== http://www.sol-system.pl ==--__
__--==============================--__
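
The following is an added example, not part of the original post: a short isql script for checking, from inside the session, which role is actually in effect and who holds RDB$ADMIN in the connected database. It assumes the test.fdb database and the U1 user from the scenario above; the column aliases are chosen here for illustration.

```sql
-- Run in isql while connected to test.fdb, e.g. as U1 with -role 'RDB$ADMIN'.

-- 1. Identity and role of the current session.
--    CURRENT_ROLE returns NONE when no role was given at connect time or
--    when the requested role is not granted to this user in this database,
--    in which case RDB$ADMIN privileges are not active for the session.
SELECT CURRENT_USER AS sess_user,
       CURRENT_ROLE AS sess_role
FROM RDB$DATABASE;

-- 2. Every grantee of RDB$ADMIN in this database and who granted it.
--    Role membership is recorded as privilege 'M' on an object of
--    type 13 (role). RDB$GRANT_OPTION: 0 = none, 2 = WITH ADMIN OPTION.
SELECT TRIM(p.RDB$USER)    AS grantee,
       TRIM(p.RDB$GRANTOR) AS grantor,
       p.RDB$GRANT_OPTION  AS admin_option
FROM RDB$USER_PRIVILEGES p
WHERE p.RDB$RELATION_NAME = 'RDB$ADMIN'
  AND p.RDB$PRIVILEGE = 'M'
  AND p.RDB$OBJECT_TYPE = 13
ORDER BY 1;
```

These queries only cover the per-database side of the requirement; the admin flag set by `alter user ... grant admin role` lives in the security database and is not visible from here.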