Advertise list of databases via aliases.conf --------------------------------------------
Key: CORE-3527 URL: http://tracker.firebirdsql.org/browse/CORE-3527 Project: Firebird Core Issue Type: New Feature Components: Engine Affects Versions: 3.0 Alpha 1 Environment: All Reporter: JimBeam Priority: Minor As discussed in http://sourceforge.net/mailarchive/message.php?msg_id=27353311 What: keep track of databases (via configuration in aliases.conf) and present/advertise that in a system view/table and/or via services API. (Discussion on security implications lead to preference for services API) If enabled, this allows users to query which databases are present on a server. ======================================================================== Why: developers/end users can more easily choose and connect to a database on a Firebird server, even point and click. See pros below. ======================================================================== Pros: - Ease of use for end users: -- Their applications can be modified to provide point and click GUI connection options: avoids typos, extra documentation, looking up aliases, and bothering IT staff. - Ease of use for developers: -- In house apps that keep track of databases can be converted -- Drivers such as Firebird.Net driver can add schema support (for databases), e.g. for support of the SharpDevelop database plugin and better support for Visual Studio. -- As mentioned above, developers can use adapted drivers in GUI/RAD environments to connect to a database by visually selecting it. Avoids typos, extra documentation, and looking up aliases. Cons: - Increased code complexity/maintenance - Security issue: leakage of information on databases present on system. - Security issue: denial of service/brute force attacks with by bruteforcing database aliases has increased impact (due to more code executing). Remediation for both security issues: disable advertising by default; admin has to edit aliases.conf to show a database. Also, restrict access to people with SYSDBA. ======================================================================== Ideas for implementation: Must have for this feature to be usable: 1.1 Aliases.conf extends notation from e.g. dummy = c:\data\dummy.fdb to something like dummy = c:\data\dummy.fdb;advertise=yes 1.2 System view/table like RDB$DATABASES and/or services API function that returns the list of alias names. This allows devs/end users to query this to get an overview of databases on the server. 1.3 Determine what should happen if a DROP DATABASE command is committed for one of the advertised dbs. Nice to have: 2.1 Not only advertise database name from aliases, but also things the engine reads on connection (e.g. page size, charset,...), possibly file location (only accessible to server SYSDBA for security) ======================================================================== Note: Thomas Steinmaurer mentioned that in InterBase 7.5 and up, this functionality is provided by a table called DB_ALIAS in the security database; see e.g. http://www.gvsnet.nl/ibconsole/using_aliases_in_IBConsole.pdf -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://tracker.firebirdsql.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira ------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel