Until today we have always provided the security database pre-configured for use, with a single record for SYSDBA with the masterke(y) password. In FB3 we have at least two reasons to stop using that scheme:

- having masterkey as the default preset SYSDBA password is a security vulnerability, because people are often lazy enough to keep such a password in production,
- any database can serve as a security one, therefore we need a method to initialize it for such usage dynamically.

I suggest using the following steps to prepare a security database for use.

1. The database to become a security one should exist.
2. Only the management plugin can initialize it (the server part of auth should correctly say NO on an attempt to use an unprepared DB).
3. The management plugin, when required data structures are missing, executes a built-in initialization script.
4. It's supposed that the user or install procedure will invoke gsec in embedded mode to add the first user (typically SYSDBA) with a random or user-entered password to begin working with the security database.

I must say that the linux install requires minimal changes for it. SYSDBA's password is not kept default on linux after install. A silent install makes it random (I just need to increase the length of the random string), a dialog one asks the user for a password. Changing the gsec switch from mod to add is definitely not a problem either :)

I wonder whether it is possible to change the windows installer to initialize the security database. Next, for a ZIP install people will have to run gsec manually the first time.

Are these changes OK for us?

Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
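
The silent-install step described in the message above (random password, `add` instead of `mod`), sketched as an added example that is not part of the original post and not Firebird's installer code. The function names, the `GSEC` and `PW_LEN` variables, the 20-character length, and the choice to pass `-user` and feed the `add` command to gsec on standard input are assumptions.

```shell
#!/bin/sh
# Added example: first-user setup for a silent install (hypothetical helper names).
GSEC="${GSEC:-gsec}"      # assumption: gsec is on PATH; override to test
PW_LEN="${PW_LEN:-20}"    # assumption: constructed default length

# Print a random alphanumeric password of the requested length.
gen_password() {
    len="${1:-$PW_LEN}"
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$len"
}

# Succeed if the candidate is the historical preset password
# (written "masterke(y)" in the post).
is_default_password() {
    case "$1" in
        masterkey|masterke) return 0 ;;
        *) return 1 ;;
    esac
}

# Emit the gsec command that creates the first user ("add", not "modify").
first_user_command() {
    printf 'add %s -pw %s\n' "$1" "$2"
}

# Create the first user in the security database. The command is sent on
# stdin so the password does not show up in the process argument list.
init_first_user() {
    user="$1"; pw="$2"
    if is_default_password "$pw"; then
        echo "refusing preset password for $user" >&2
        return 1
    fi
    first_user_command "$user" "$pw" | "$GSEC" -user "$user"
}

# Typical call from an install script:
#   init_first_user SYSDBA "$(gen_password)"
```
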