Issue Details (XML | Word | Printable)

Key: CORE-3370
Type: Sub-task Sub-task
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Alexander Peshkov
Reporter: Alexander Peshkov
Votes: 0
Watchers: 1
Operations

If you were logged in you would be able to see more operations.
Firebird Core
CORE-3368

Resolve additional aspects of multiple security databases from services and cross-database requests POV

Created: 02/Mar/11 01:34 PM   Updated: 23/Sep/15 12:17 PM
Component/s: None
Affects Version/s: None
Fix Version/s: 3.0 Beta 1


 Description  « Hide
Currently one can execute cross-database query on the same server without additional authentication. This was OK when having only server-wide authentication. With SecurityDatabase parameter, added to aliases.conf, one can login to some database as USER1, but it does not mean that he is granted to access as USER1 another database, for which another SecurityDatabase is psecified. Same issue with access to database using services.

Solution of this problem is supposed to go together with mapping server/OS security objects to database users. For services we need additional SPB parameter, specifying with what database are we going to work.

 All   Comments   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
There are no comments yet on this issue.