[Firebird-devel] [FB-Tracker] Created: (CORE-4853) User without admin role gets slightly different messages about not found record depending on UserManager = Legacy_UserManager vs Srp

Wed, 01 Jul 2015 07:18:03 -0700 

User without admin role gets slightly different messages about not found record 
depending on UserManager = Legacy_UserManager vs Srp
------------------------------------------------------------------------------------------------------------------------------------

                 Key: CORE-4853
                 URL: http://tracker.firebirdsql.org/browse/CORE-4853
             Project: Firebird Core
          Issue Type: Improvement
          Components: Security
            Reporter: Pavel Zotov
            Priority: Trivial


Initial action:

SQL> create user u01 password '123'; commit;
SQL> exit;

Then try following command:

isql /3333:e30 -user u01 -pas 123
Database:  /3333:e30, User: u01
SQL> drop user not_existent_here; show version;

-- using two values of UserManager parameter: 1) Legacy_UserManager and 2) Srp.

For `Legacy_UserManager` we'll get:

Statement failed, SQLSTATE = 28000
find/delete record error
-no permission for DELETE access to TABLE PLG$VIEW_USERS
. . .
Firebird/Windows/Intel/i386 (remote server), version "WI-T3.0.0.31907 Firebird 
3.0 Beta 2/tcp (balaha)/P13"
Firebird/Windows/Intel/i386 (remote interface), version "WI-T3.0.0.31907 
Firebird 3.0 Beta 2/tcp (balaha)/P13"
. . .

For `Srp` output will be:

Statement failed, SQLSTATE = 28000
delete record error
-no permission for DELETE access to TABLE PLG$SRP_VIEW
. . .
Firebird/Windows/Intel/i386 (remote server), version "WI-T3.0.0.31907 Firebird 
3.0 Beta 2/tcp (balaha)/P13:C"
Firebird/Windows/Intel/i386 (remote interface), version "WI-T3.0.0.31907 
Firebird 3.0 Beta 2/tcp (balaha)/P13:C"
. . .

Difference is:
>>> find/delete record error
= vs =
>>> delete record error

It will be nice if output become the same for both values of `UserManager`.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Reply via email to