On 2/25/19 5:51 PM, Lester Caine wrote:
On 25/02/2019 14:05, Alex Peshkoff via Firebird-devel wrote:
Then lets change this question to why the security database in the
distribution isn't initialized for SRP (ie having the PLG$SRP table,
maybe other things needed). Would it be possible to initialize it as
part of the distribution **without** having a user present? That at
least would avoid the "Look at the compatibility chapter" error.
It will be very useful for a user which started to change
configuration file not understanding it to read an instruction
instead of continuing in random order.
Once again - if one includes SRP in configuration security DB should
contain at least one SRP user, if there are no users why include it
at all?
If I am reading this correctly then I was correct last month when I
simply ended up stripping all but the Legacy options from the config
file? Rather than following the 'compatibility chapter' which I don't
think makes any mention about creating a srp user ... it's about
manually creating a legacy SYSDBA/xxx which in the case of the SUSE
install already existed. It WAS only when I removed the srp ( and
windows ) entries that I could get in.
I've a stack of 6 servers out in the workshop each with their own copy
of firebird but also using versions on other machines in the stack as
backups. The 3050 port is not enabled outside the network and apart
from using Flamerobin for manual tweaks, everything else is accessed
via PHP, so DO I need to worry about SRP on this setup?
Lester, as I've already said: if you are sure that nothing untrusted can
reach your port 3050 - what a difference what authentication plugin is
used? The only small one - legacy is slightly faster.
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel