Firebird Security (in Russian) at Ansoft'2008 conference

Firebird SQL database Security (in Russian)

Firebird Linux.
Firebird

(Firebird Foundation) peshkoff at mail.ru

Firebird Linux

- Firebird Unix-

Firebird

API,

Firebird Linux

Linux: Firebird, Unix- (SHADOW NFS)

Firebird Linux

Firebird Linux

Firebird Linux : Classic SuperServer

, Linux

Sourceforge.net

Firebird Linux

inetd / xinetd -

Firebird

Firebird Linux

, Linux BugcheckAbort

LockMemSize, EventMemSize -

RemoteFileOpenAbility NFS

Firebird Linux

, Linux ( 2.5) LockSemCount

LockSignal UNIX-,

Firebird

Firebird

InterBase ( , )

Windows 3.X

Windows NT, 3.X

OSRI

OSRI (Open System Relational Interface)

Yvalve Network listener/ (isql)

Engine8_12 Engine13 Network redirector

Firebird

1.0 2002 , politically correct

1.5 2004 , root linux ( windows)

SQL- (External Table + UDF)

Firebird

2.0 2006 ,

Firebird

2.1 -

Windows Firebird (Trusted Authentication)

- Firebird 2.5

( 32 )

- Firebird 2.5

SQL

GRANT REVOKE

RDB$ADMIN

(windows) RDB$ADMIN

- Firebird 2.5

SQL

CREATE USER name PASSWORD 'pw' FIRSTNAME 'first' MIDDLENAME 'middle' LASTNAME 'last'

ALTER USER name PASSWORD 'pw' FIRSTNAME 'first' MIDDLENAME 'middle' LASTNAME 'last'

DROP USER name

- Firebird 2.5

SQL

2.5 security2.fdb

Alter User - , SYSDBA

GRANTED BY GRANT REVOKE SYSDBA ,

SQL-

SQL

- Firebird 2.5

GRANTED BY:

sysdba: CREATE ROLE role1; GRANT role1 TO user1 WITH ADMIN OPTION;

user1: GRANT role1 TO PUBLIC;

sysdba: REVOKE role1 FROM PUBLIC GRANTED BY user1;

- Firebird 2.5

REVOKE

REVOKE ALL ON ALL FROM

# gsec -del GUEST1
# isql employee
SQL> REVOKE ALL ON ALL FROM GUEST1;

- Firebird 2.5

RDB$ADMIN

GRANT RDB$ADMIN TO GUEST1 RDB$ADMIN GUEST1 (SYSDBA)

REVOKE RDB$ADMIN FROM GUEST1

- Firebird 2.5

RDB$ADMIN

ALTER ROLE RDB$ADMIN SET / DROP AUTO ADMIN MAPPING Firebird 3 (, ) (, )


Firebird 3. ()


Firebird 3. ()

FileName = $(root)/db/data1.fdb Security = $(root)/db/secure.fdb

FileName = /raid/data.fdb Security = self

FileName = $(arg0) Security = $(root)/security2.fdb


Firebird 3. ()

Trusted authentication 2.1

Trusted : public , private

LDAP, PAM ..

CHAP


Firebird 3. ()

SQL

ALTER ROLE name ADD OS_NAME 'os_name'

ALTER USER name ADD OS_NAME 'os_name'

ALTER ROLE name DROP OS_NAME 'os_name'

ALTER USER name DROP OS_NAME 'os_name'

www.firebirdsql.org