search

FirebirdSQL / firebird

Firebird server, client and tools
https://www.firebirdsql.org/
1.26k stars 217 forks source link

Database should revoke SYDBA grants [CORE2369] #2791

Open firebird-automations opened 15 years ago

firebird-automations commented 15 years ago

Submitted by: Marco Wolff (marcoh)

Hi,

after installing Firebird Server, the default User Sysdba with the default password is installed. For security reasons i changed the password of the SYSDBA for declining the access to my fdb's. So on this PC no one can connect to my fdb.

But now, if i install Firebird Server on one another PC, everyone can log in with the default user SYSDBA and his default password and can connect to my fdb copied from the first PC.

How can i revoke grants from the SYSDBA? It should not possible that worldwide every SYSDBA can attach to my fdb. Even i added roles and only one role has permissions to do a select on my fdb, the SYSDBA can always do everything. For security reasons that's critical or not?

Thanks for your answer. Marco

firebird-automations commented 15 years ago
Modified by: Marco Wolff (marcoh) security: Managers \[ 10013 \] =\> Developers \[ 10012 \]
firebird-automations commented 12 years ago
Modified by: @dyemanov security: Developers \[ 10012 \] =\>