Enabling legacy authentication in Windows installer leads to less secure config than possible
--------------------------------------------------------------------------------------------

                 Key: CORE-6011
                 URL: http://tracker.firebirdsql.org/browse/CORE-6011
             Project: Firebird Core
          Issue Type: Bug
          Components: Build Issues / Porting, Installation, Security
    Affects Versions: 4.0 Beta 1
            Reporter: Mark Rotteveel


When you enable legacy authentication in the Windows installer, it will 
configure firebird.conf with

AuthServer = Legacy_Auth, Srp, Win_Sspi
AuthClient = Legacy_Auth, Srp, Win_Sspi

This is insecure for two reasons:

1. It is missing the new Srp256 plugin which is the default
2. The order for authentication plugins should be from most secure to least 
secure to avoid leaking information about credentials of Srp users (e.g. if 
Srp256 or Srp succeeds, there is no need to send the password using the less 
secure UnixCrypt hash in Legacy_Auth).

In other words, enabling legacy authentication should produce

AuthServer = Srp256, Win_Sspi, Legacy_Auth

(or maybe AuthServer = Srp256, Srp, Win_Sspi, Legacy_Auth)

The default for AuthClient (AuthClient = Srp256, Srp, Win_Sspi, Legacy_Auth) is 
already sufficient and secure enough, so there is no need to write an explicit 
config.

Personally, I'd also prefer it if the UserManager order were set to Srp, 
Legacy_UserManager, but to support legacy tools that is not really an option.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
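The following is an added example, not code from the report or from the Firebird project: a small audit script that reads a firebird.conf fragment and flags the two problems the report describes, an explicit AuthServer/AuthClient list that omits Srp256, and a list in which a weaker plugin is tried before a stronger one. It assumes firebird.conf's `Key = value` syntax with `#` comments, assumes plugin lists may be separated by commas and/or spaces, and takes the strength ranking from the order the report recommends (Srp256, Srp, Win_Sspi, Legacy_Auth); the two config fragments are constructed samples that mirror the installer output and the recommended order quoted above.

```python
import re

# Strength ranking assumed from the report's recommended order,
# most secure first. Plugins not listed here are left unranked.
PLUGIN_RANK = {"srp256": 0, "srp": 1, "win_sspi": 2, "legacy_auth": 3}

# Constructed sample: what the report says the Windows installer writes
# when legacy authentication is enabled.
INSTALLER_CONF = """\
# firebird.conf fragment (constructed sample)
AuthServer = Legacy_Auth, Srp, Win_Sspi
AuthClient = Legacy_Auth, Srp, Win_Sspi
"""

# Constructed sample: the order the report recommends. AuthClient is
# left unset so the shipped default applies.
RECOMMENDED_CONF = """\
AuthServer = Srp256, Srp, Win_Sspi, Legacy_Auth
"""


def parse_conf(text):
    """Return {lowercase key: value} for active 'Key = value' lines.

    Anything after '#' is a comment; blank and comment-only lines are skipped.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip().lower()] = value.strip()
    return settings


def plugin_list(value):
    """Split a plugin list value on commas and/or whitespace."""
    return [p for p in re.split(r"[,\s]+", value.strip()) if p]


def reorder_strongest_first(plugins):
    """Return the same plugins sorted most secure first (unranked ones last)."""
    return sorted(plugins, key=lambda p: PLUGIN_RANK.get(p.lower(), len(PLUGIN_RANK)))


def audit_auth_plugins(conf_text):
    """Return a list of human-readable findings for AuthServer / AuthClient.

    A key that is not set explicitly is not audited here, since the
    shipped default then applies.
    """
    findings = []
    settings = parse_conf(conf_text)
    for key in ("authserver", "authclient"):
        if key not in settings:
            continue
        plugins = plugin_list(settings[key])
        lower = [p.lower() for p in plugins]

        # Finding 1: an explicit list that drops the Srp256 plugin.
        if "srp256" not in lower:
            findings.append(f"{key}: Srp256 missing from explicit list {plugins}")

        # Finding 2: a weaker plugin listed ahead of a stronger one, which
        # makes the client reveal the weaker credential form first.
        ranked = [(p, PLUGIN_RANK[p.lower()]) for p in plugins if p.lower() in PLUGIN_RANK]
        for i, (name, rank) in enumerate(ranked):
            stronger_later = [n for n, r in ranked[i + 1:] if r < rank]
            if stronger_later:
                findings.append(
                    f"{key}: {name} is tried before stronger {', '.join(stronger_later)}"
                )
    return findings


if __name__ == "__main__":
    for label, conf in (("installer", INSTALLER_CONF), ("recommended", RECOMMENDED_CONF)):
        print(f"== {label} ==")
        for finding in audit_auth_plugins(conf) or ["no findings"]:
            print("  " + finding)
```

Run against a real firebird.conf by passing its contents to `audit_auth_plugins`; an empty result means the explicit lists, if any, contain Srp256 and are ordered strongest first, and `reorder_strongest_first` gives the order the report asks for from whatever list is currently configured.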

Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel