Lack of Predictability in SET TRUSTED ROLE
------------------------------------------

Key: CORE-5787
URL: http://tracker.firebirdsql.org/browse/CORE-5787
Project: Firebird Core
Issue Type: Improvement
Components: Security
Affects Versions: 3.0.3
Environment: All
Reporter: Tony Whyman
Priority: Minor

The "SET TRUSTED ROLE" SQL statement was added in Firebird 3 and is described in the release notes as:

"The idea of a separate SET TRUSTED ROLE command is that, when the trusted user attaches to a database without providing any role info, SET TRUSTED ROLE makes a trusted role (if one exists) the CURRENT_ROLE without any additional activity, such as setting it in the DPB.

A trusted role is not a specific type of role but may be any role that was created using CREATE ROLE, or a predefined system role such as RDB$ADMIN. It becomes a trusted role for an attachment when the security objects mapping subsystem finds a match between the authentication result passed from the plug-in and a local or global mapping for the current database. The role may be one that is not even granted explicitly to that trusted user."

This lack of predictability (e.g. the last statement in the above quote) may be of concern to Security Administrators who want to ensure that all access rights are explicit and deterministic.

In order to mitigate such concerns it is proposed that a configuration option is provided to disable this feature either globally or on a per-database basis.

--
This message is automatically generated by JIRA.

Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
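
An added example, not part of the original ticket or of the Firebird project's code: a Firebird 3 isql sketch of the behaviour the quoted release notes describe, followed by a query an administrator can run to list every mapping that can yield a trusted role. The mapping name WIN_ADMINS and the choice of Windows group are constructed for illustration, and the system-table column names are given as I understand the Firebird 3 schema.

```sql
-- Constructed example: WIN_ADMINS and the mapped group are illustrative.
-- A local mapping from an authentication result (a predefined group
-- reported by the Win_Sspi plugin) to a role. Note that no
-- GRANT RDB$ADMIN TO <user> is issued anywhere.
CREATE MAPPING WIN_ADMINS
  USING PLUGIN WIN_SSPI
  FROM Predefined_Group DOMAIN_ANY_RID_ADMINS
  TO ROLE RDB$ADMIN;
COMMIT;

-- Later, in an attachment made by a matching trusted user who supplied
-- no role at attach time: compare CURRENT_ROLE before and after the
-- statement to see the role change caused by the mapping alone.
SELECT CURRENT_ROLE FROM RDB$DATABASE;
SET TRUSTED ROLE;
SELECT CURRENT_ROLE FROM RDB$DATABASE;

-- Audit: list local and global mappings whose target is a role
-- (MAP_TO_TYPE = 1). Each row is a path by which SET TRUSTED ROLE can
-- activate a role that was never granted explicitly to the user.
SELECT 'LOCAL'                 AS SCOPE,
       TRIM(RDB$MAP_NAME)      AS MAP_NAME,
       RDB$MAP_USING           AS MAP_USING,
       TRIM(RDB$MAP_PLUGIN)    AS PLUGIN,
       TRIM(RDB$MAP_FROM_TYPE) AS FROM_TYPE,
       TRIM(RDB$MAP_FROM)      AS FROM_NAME,
       TRIM(RDB$MAP_TO)        AS TO_ROLE
  FROM RDB$AUTH_MAPPING
 WHERE RDB$MAP_TO_TYPE = 1
UNION ALL
SELECT 'GLOBAL',
       TRIM(SEC$MAP_NAME),
       SEC$MAP_USING,
       TRIM(SEC$MAP_PLUGIN),
       TRIM(SEC$MAP_FROM_TYPE),
       TRIM(SEC$MAP_FROM),
       TRIM(SEC$MAP_TO)
  FROM SEC$GLOBAL_AUTH_MAPPING
 WHERE SEC$MAP_TO_TYPE = 1;
```

Reviewing the audit output against the explicit grants in RDB$USER_PRIVILEGES shows which role activations depend on a mapping rather than on a GRANT.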