Re: [Firebird-devel] Encrypt some more

2015-11-07 Thread Vlad Khorsun
07.11.2015 14:57, Dimitry Sibiryakov wrote: > Hello, All. > > Is it too late to include most of page header into encrypted part of a > page, leaving > unencrypted only page type and flags? For what ? IIRC, pag_scn and pag_pageno is required for physical backup to be not encrypted

Re: [Firebird-devel] Encrypt some more

2015-11-07 Thread Dimitry Sibiryakov
07.11.2015 15:49, Vlad Khorsun wrote: >> Is it too late to include most of page header into encrypted part of a >> page, leaving >> >unencrypted only page type and flags? > For what ? IIRC, pag_scn and pag_pageno is required for physical backup > to be not encrypted To make

[Firebird-devel] setDbCryptCallback()

2015-11-07 Thread Dimitry Sibiryakov
Hello, All. Is callback set with subj supposed to work with custom key holder plugin only? -- WBR, SD. -- Firebird-Devel mailing list, web interface at

Re: [Firebird-devel] Security problem with encrypted databases

2015-11-07 Thread Dimitry Sibiryakov
07.11.2015 15:57, Vlad Khorsun wrote: > I'd say it will be good to have ability to validate encryption key when > it is passed into the engine. I.e. not at every page read Say, a malefactor has algorithm, but not a key (which is usual situation in OSS world). In this case it is easy to

Re: [Firebird-devel] Security problem with encrypted databases

2015-11-07 Thread Vlad Khorsun
07.11.2015 15:11, Dimitry Sibiryakov wrote: > Hello, All. > > Because currently there is no checksum on db pages (even a fake one), Here you wrong - pag_pageno is used for basic validation instead of old checksum's. > there is no way > to check if a page was decrypted right. Here

[Firebird-devel] Encrypt some more

2015-11-07 Thread Dimitry Sibiryakov
Hello, All. Is it too late to include most of page header into encrypted part of a page, leaving unencrypted only page type and flags? -- WBR, SD. -- Firebird-Devel mailing list, web interface at

[Firebird-devel] Security problem with encrypted databases

2015-11-07 Thread Dimitry Sibiryakov
Hello, All. Because currently there is no checksum on db pages (even a fake one), there is no way to check if a page was decrypted right. As the result, any application that provide a wrong key, crash the engine and whole server. Any thoughts?.. -- WBR, SD.

[Firebird-devel] [FB-Tracker] Created: (CORE-4995) Add standard SQL "extended grouping capabilities" - ROLLUP, CUBE, GROUPING SETS

2015-11-07 Thread Adriano dos Santos Fernandes (JIRA)
Add standard SQL "extended grouping capabilities" - ROLLUP, CUBE, GROUPING SETS --- Key: CORE-4995 URL: http://tracker.firebirdsql.org/browse/CORE-4995 Project: Firebird Core

Re: [Firebird-devel] Security problem with encrypted databases

2015-11-07 Thread Adriano dos Santos Fernandes
Em 07/11/2015 13:11, Dimitry Sibiryakov escreveu: > 07.11.2015 15:57, Vlad Khorsun wrote: >> I'd say it will be good to have ability to validate encryption key when >> it is passed into the engine. I.e. not at every page read > >Say, a malefactor has algorithm, but not a key (which is

[Firebird-devel] Streaming backups with Jaybird?

2015-11-07 Thread Ivan Arabadzhiev
Hi everyone, For a number of reasons I'm interested in the concept and even looked at the possibility of adding a FBStreamingBackupManager (or something like that) but I'm not currently exactly sure where/how that should happen and for the moment don't have the extra time. What did occur to me is