I just tried to drop the LegacyAuth SYSDBA account from the security database, but this only results in:

SQL> drop user sysdba using plugin Legacy_UserManager;
Statement failed, SQLSTATE = HY000
delete record error

As the second best option I tried disabling it, but disabling accounts is not possible with the Legacy_UserManager (or ignored by LegacyAuth), only with Srp disabling accounts works.

I have no problems dropping SYSDBA with Srp, why is this not possible with Legacy_UserManager? Am I missing something?

I also tried gsec, but it looks like gsec in 3.0.7 will always pick Srp, ignoring the UserManager setting in firebird.conf.

As a result, requiring a strong password for SYSDBA (by only using Srp for admin accounts) is impossible if you also need to be able to support LegacyAuth for other accounts.

Mark
--
Mark Rotteveel


Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Reply via email to