As discussed in http://sourceforge.net/mailarchive/message.php?msg_id=27353311
What: keep track of databases (via configuration in aliases.conf) and present/advertise that in a system view/table and/or via services API.
(Discussion of the security implications led to a preference for the services API.)
If enabled, this allows users to query which databases are present on a server.
Why: developers/end users can more easily choose and connect to a database on a Firebird server, even point and click. See pros below.
- Ease of use for end users:
-- Their applications can be modified to provide point and click GUI connection options: avoids typos, extra documentation, looking up aliases, and bothering IT staff.
- Ease of use for developers:
-- In-house apps that keep track of databases can be converted.
-- Drivers such as Firebird.Net driver can add schema support (for databases), e.g. for support of the SharpDevelop database plugin and better support for Visual Studio.
-- As mentioned above, developers can use adapted drivers in GUI/RAD environments to connect to a database by visually selecting it. Avoids typos, extra documentation, and looking up aliases.
Cons:
- Increased code complexity/maintenance.
- Security issue: leakage of information on databases present on system.
- Security issue: denial of service/brute-force attacks that work by brute-forcing database aliases have increased impact (due to more code executing).
Remediation for both security issues: disable advertising by default; admin has to edit aliases.conf to show a database.
Also, restrict access to people with SYSDBA.
Ideas for implementation:
Must have for this feature to be usable:
1.1 Aliases.conf extends notation from e.g.
dummy = c:\data\dummy.fdb
to something like
dummy = c:\data\dummy.fdb;advertise=yes
1.2 System view/table like RDB$DATABASES and/or services API function that returns the list of alias names. This allows devs/end users to query this to get an overview of databases on the server.
1.3 Determine what should happen if a DROP DATABASE command is committed for one of the advertised dbs.
Nice to have:
2.1 Not only advertise the database name from aliases, but also things the engine reads on connection (e.g. page size, charset, ...), and possibly the file location (only accessible to the server SYSDBA for security).
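A sketch of the fail-closed behaviour proposed in 1.1, 1.2 and 2.1, added here as an example and not taken from Firebird's code: an alias is listed only when its line carries exactly advertise=yes, and file locations go only to SYSDBA. The names parse_aliases, list_databases, the sysdba_only switch, the "#" comment handling and the sample file contents are assumptions; only the ";advertise=yes" notation comes from the proposal above.

```python
from dataclasses import dataclass

# Constructed sample in the notation proposed in 1.1; not a real server's file.
SAMPLE_ALIASES_CONF = r"""
# comment line (assumed comment syntax)
dummy = c:\data\dummy.fdb;advertise=yes
payroll = c:\data\payroll.fdb
legacy = c:\data\legacy.fdb;advertise=no
typo = c:\data\typo.fdb;advertise=yse
"""

@dataclass(frozen=True)
class Alias:
    name: str
    path: str
    advertise: bool

def parse_aliases(text):
    """Parse 'alias = path[;key=value...]' lines into Alias records."""
    aliases = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, _, rest = line.partition("=")  # split on the first '=' only
        path, *options = [part.strip() for part in rest.split(";")]
        opts = {}
        for opt in options:
            key, _, value = opt.partition("=")
            opts[key.strip().lower()] = value.strip().lower()
        # Fail closed: a missing, misspelled or unknown value does not advertise.
        aliases.append(Alias(name.strip(), path, opts.get("advertise") == "yes"))
    return aliases

def list_databases(aliases, is_sysdba, sysdba_only=True):
    """Hypothetical listing call: paths for SYSDBA only, names for others only if allowed."""
    visible = [a for a in aliases if a.advertise]
    if is_sysdba:
        return [{"alias": a.name, "path": a.path} for a in visible]
    if sysdba_only:
        return []  # remediation: restrict the listing to SYSDBA
    return [{"alias": a.name} for a in visible]  # never expose file locations
```

The misspelled advertise=yse line stays hidden, which is the behaviour an admin would want from a default-off setting.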
Note: Thomas Steinmaurer mentioned that in InterBase 7.5 and up, this functionality is provided by a table called DB_ALIAS in the security database; see e.g. http://www.gvsnet.nl/ibconsole/using_aliases_in_IBConsole.pdf