You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have a system based on Firebird 1.5.x. After migration on 2.0, users of the application could not see other user's full names except their own.
When I try to get user info for all users the result is only for currently logged user.
Can I do this in other way, or it will be done i next versions.
Best regards!
Firebird team is the best!!!
The text was updated successfully, but these errors were encountered:
Ability for any non-privileged user to get information about all users (including gettin full logons list) was a security risk in FB1.X. Having list of all users makes it much simpler to attempt brute force attack to guess someone password (without that list one must know logins). This is the reason for letting only sysdba to get full users list.
But restriction is implemented only at SQL level in security2.fdb. Therefore you may easily change VIEW USERS if you really want to open access to all users list.
Submitted by: Rosen Ivanov (rosen_pi)
We have a system based on Firebird 1.5.x. After migration on 2.0, users of the application could not see other user's full names except their own.
When I try to get user info for all users the result is only for currently logged user.
Can I do this in other way, or it will be done i next versions.
Best regards!
Firebird team is the best!!!
The text was updated successfully, but these errors were encountered: