On 07/13/2015 04:07 PM, Paul Reeves wrote:
> On Monday 13 July 2015 13:33:48 Alex Peshkoff wrote:
>> Windows installer still suggests as a default to provide legacy
>> authentication. For how long do we keep insecure choice as a default?
> That is a very good question.
>
> In my opinion it should be the default for v3.0,

I strongly disagree with that suggestion. Plain passwords traveling over the wire have been the Achilles heel of Firebird security for many years, and we should not keep it as the default for some more years. The rule of thumb is that the default setup must be as secure as possible, and only with that solid background may we provide users with options for backward compatibility.

> and clearly marked as
> deprecated and it will not be the default for 3.n.
>
> I think we need to give people time to look at how the new security methods
> work. For example....
>
>
>> Well, I've unchecked it and continued installation. And found no sysdba
>> user after successful (no error messages) completion of install process.
> Obviously I am missing something huge here - if we don't provide legacy
> authentication how and where do we create sysdba?

If we DO provide legacy authentication we need NOT create sysdba. We keep the legacy plugin as legacy as possible, therefore the security database (according to legacy rules) already contains the legacy record for sysdba with password masterkey.

The record for SYSDBA should be added to the security database for new plugins, including SRP. That record is not pre-configured for a security reason: it's very dangerous to have a Firebird server running with masterkey as the sysdba password. Yes, it's possible to change the password during installation (like we do in Linux for FB 2.x). But in case of an install that is incomplete for some reason, we can have as a worst case an installed Firebird with the default password. Adding the SYSDBA record at the end of install does not require from the installer something much different from changing the password, but it's much better from a security POV: in case of an incomplete install we have a Firebird server without SYSDBA at all, to which no one can connect remotely.
The question 'how' has a very simple answer:

a) echo "create or alter user sysdba password 'SomethingLongAndCunning'; exit;" | isql -user sysdba

b) gsec -user sysdba -add sysdba -pw 'SomethingLongAndCunning'

Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
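The post-install step Alex describes (create SYSDBA only at the end, with a freshly generated password, and leave the server without SYSDBA if the step cannot run) as an added example script; this is not code from the thread or from the Firebird installer. It assumes isql is on PATH and, as in the thread, that `isql -user sysdba` is enough to reach the security database; a single quote in the password is doubled so it cannot break out of the SQL literal.

```shell
#!/bin/sh
# Added example (not from the thread): fail-closed SYSDBA creation at the
# end of an install. Nothing is pre-configured; if isql is missing or the
# statement fails, no SYSDBA record exists and nobody can log in remotely.

# Double any single quote so the password sits safely inside the SQL literal.
sql_quote() {
    printf '%s' "$1" | sed "s/'/''/g"
}

# Build the statement that adds SYSDBA for the new (SRP) plugins.
create_sysdba_sql() {
    printf "create or alter user sysdba password '%s'; exit;\n" "$(sql_quote "$1")"
}

# Generate a 24-character random password from a shell-safe alphabet.
gen_password() {
    LC_ALL=C tr -dc 'A-Za-z0-9_.-' </dev/urandom | head -c 24
}

# Create SYSDBA with the given password. Returns non-zero (and creates
# nothing) when isql is unavailable, so an incomplete install stays closed.
install_sysdba() {
    pw="$1"
    if ! command -v isql >/dev/null 2>&1; then
        echo "isql not found; SYSDBA not created, server stays inaccessible" >&2
        return 1
    fi
    create_sysdba_sql "$pw" | isql -user sysdba
}
```

Typical use at the end of the installer: `pw=$(gen_password); install_sysdba "$pw"` and hand the generated password to the administrator out of band.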