Server does not accept the right plan
-
Key: CORE-4539
URL: http://tracker.firebirdsql.org/browse/CORE-4539
Project: Firebird Core
Issue Type: Bug
Affects Versions: 3.0 Beta 1
Environment: Win
I still argue that we should take the opportunity to not only fix this
issue, but to improve the FB product functionality.
The core requirement is to stop non-authorized users from viewing source
code. The current process is to delete the source code from the database.
There is also the common
04.09.2014 16:49, Dalton Calford wrote:
> So, DDL statements such as GRANT VIEW which is used by MS SQL for metadata
> security could
> be applied to FB.
No, they couldn't unless Firebird is run in controlled environment which is
not the
case of topic starter.
--
WBR, SD.
-
Dalton, it's theoretically impossible to hide something with system
privileges and without encryption on an open source product. All that's
necessary is for someone to compile a version without checks. Now, it
is true that we're only trying to protect the "source" from people too
ignorant or
If the on disk file is encrypted as stated in my discussion, and the sysdba
is limited or prevented from connecting as also stated, then this will run
on a non-controlled environment.
The question is, what level of encryption is needed? You can encrypt the
entire database, certain pages of the d
Dalton Calford wrote:
> I still argue that we should take the opportunity to not only
> fix this issue, but to improve the FB product functionality.
Part of the problem is the timing. How much do the Firebird
developers really want to implement right now before v3.0
release.
Another part is that
Hi Jim,
If the on disk database is encrypted, and the end user is only provided
enough credential keys to see what the application developer wants them to
see, then, the information remains secure.
The assumption on my part is that some elements of the database such as the
DDL descriptions, sourc
On Sep 4, 2014, at 11:17 AM, Geoff Worboys wrote:
> Dalton Calford wrote:
>> I still argue that we should take the opportunity to not only
>> fix this issue, but to improve the FB product functionality.
>
> Part of the problem is the timing. How much do the Firebird
> developers really want to
Regression in 3.0: compiler requires aliasing of table in UPDATE ... RETURNING
statement when include RDB$DB_KEY in fields list
---
Key: CORE-4540
Hi Geoff,
If you notice at the end of my first posting, I said the
encryption/decryption/authorization could wait for later implementation and
the new DDL statements that happen to deal with the rdb$source fields would
just delete the source - ie provide the same functionality.
The existing behav
I don't necessarily disagree with you, but what you suggest requires
major design, buy in, and implementation, none of which are remotely
possible in the available time.
Encryption is all about key management which is not simple and if isn't
correctly designed and implemented, is useless. It
04.09.2014 19:25, Tom Coleman wrote:
>
> Speaking of the v3.0 release, who updates 3.0 Beta 1 release dates?
Me.
> August 31 has come and gone:
I know.
> Are there really just 5 unresolved issues delaying the beta release?
Yes, around that number.
Dmitry
---
Dalton Calford wrote:
[...]
> What it does mean, is that if someone tries to connect to a
> database that is fully encrypted and their client does not
> securely pass the decryption key to the server, the server
> will just come back with an error about the database being
> corrupt or some other ag
Hi Geoff,
You must have missed the part about the developer using a custom embedded
tool ie, not going through the server but touching the database directly.
Using custom embedded tools for such work is quite common and if the
developer leaves that tool in the clients control when they are not wor
shadow filesize should not be smaller than database filesize
Key: CORE-4541
URL: http://tracker.firebirdsql.org/browse/CORE-4541
Project: Firebird Core
Issue Type: Improvement
On 02/09/2014 07:09, Jiří Činčura wrote:
> Hi,
>
> If I do "similar to '[a-z\_-]' escape '\'" I got a error about invalid
> pattern. The "-" is causing problems. Surprisingly doing '[a-z-\_]' is fine
> and also '[a-z-]' is fine. Testing the first regex on various parsers it
> worked. Why it does
I misunderstood what you meant by "custom embedded tool" and
connecting directly to the database. It sounds like you're
talking about a custom-built version of Firebird that they load
onto the machine (somehow?), do what they need to do, and then
unload before they go (presumably wiping up after t
dad fields name current_date, current_timestamp
Key: CORE-4542
URL: http://tracker.firebirdsql.org/browse/CORE-4542
Project: Firebird Core
Issue Type: Bug
Components: Engine
Aff
Dalton Calford wrote:
[...]
> As I have stated in multiple posts - I am not looking for the
> authentication/authorization/encryption layer to be complete,
> just a parser change. In the same vein as "COMMENT ON"
> replaced "UPDATE RDB$ SET RDB$DESCRIPTION=..." .
Having slept on it (which
19 matches
Mail list logo
