Additional keyholder opens unauthorized connections to encrypted database
-------------------------------------------------------------------------
Key: CORE-5735
URL: http://tracker.firebirdsql.org/browse/CORE-5735
Project: Firebird Core
Issue Type: Bug
Components: Engine
Affects Versions: 4.0 Alpha 1, 3.0.2
Reporter: Alexander Peshkov
Imagine that we have some database on SS connection to which should be possible
only from dedicated software providing secret key. Any connections (except one
from that SW) should be impossible.
With additional keyholder in which method useOnlyOwnKeys() returns FB_FALSE
doing nothing more for that database (i.e. for target database there should be
configured 2 KeyHolder plugins) one can attach to that database from any tool
provided there is at least one legal (providing required key) connection to it.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
