Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

firebird.log file security issue [CORE4332] #4655

Open
firebird-automations opened this issue Feb 5, 2014 · 7 comments
Open

firebird.log file security issue [CORE4332] #4655

firebird-automations opened this issue Feb 5, 2014 · 7 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: PizzaProgram Ltd. (szakilaci)

Currently (with FB version of 2.1 or 2.5) the only way to protect data inside an FDB file is:

- to HIDE the database file itself

(Possibly on an encrypted volume, with no/fake extension, between many other "temp"/fake files, ... ).
The connection string/Path can be encoded in the client program, so it is a nice and easy way to access it safely.
(... as I've thought until now :( )

But the log file is revealing this secret !
So a thief/hacker can :
- easily look into the log file
- see the DB path+name where to look for it,
- and copy the whole DB file to a pen-drive in no time :(

So it would be VERY important to be able to DISABLE some kind of data being logged:
log_hide_db_path=1; // would HIDE the database name and location.
log_level=0; // no logging at all for the currently connected database file !

It would be logical to set these parameters by [connection parameters] from the API.
IBDatabase1.Params.Add('log_level=0');

Currently this IS an urgent security issue !
I MUST provide data security to my clients.

THANKS !

@firebird-automations
Copy link
Collaborator Author

Commented by: @dyemanov

I've replied to both your recent comments:
CORE679
and
CORE2805

that your understanding of security is wrong. Nothing can help you if a hacker has full access to your server box, period. If you're telling about database being distributed to client computers along with your application, then database encryption is the only solution.

So this ticket is likely to be rejected.

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

security: Developers [ 10012 ] =>

@firebird-automations
Copy link
Collaborator Author

Commented by: PizzaProgram Ltd. (szakilaci)

The main difference is Time.
It takes minimum 30 minutes to find the real DB. (If the thief even realizes he's looking at a fake one.)
But the log file makes this possible within 30 sec.

So the question remains:
- How else is it possible to prevent Firebird engine logging DB filenames and path?
I was searching for any solution in the last 30 hours, but the only one possibility is, when the Engine is configurable of this behavior by connection based.

Thank you VERY much!

@firebird-automations
Copy link
Collaborator Author

Commented by: PizzaProgram Ltd. (szakilaci)

I'm trying to solve this issue by creating an external UDF. (Completely forgot about this great feature..;) )
1. ANY client-app. can start it after connecting.
2. The engine will be able to run it with administrative privileges. :D
Hopefully will not block/freeze the running FB engine while overwriting/clearing the firebird.log file.

@firebird-automations
Copy link
Collaborator Author

Commented by: PizzaProgram Ltd. (szakilaci)

More than 4 years past.

UDF method isn't working, for many reasons. (example: if someone is deleting the UDF file)
This must be solved from the engine itself!
Please prioritize this task up.
At least in 3.x + 4.x versions.

>> "Nothing can help you if a hacker has full access to your server box, period."

Normally I would agree, but:
- I'm not talking about high-professional hackers, but "simple iT guys", in a ratio of 1:1000
- They have tried many times already during the last 2 years!! (Customers reported to me every time after an attempt.)
- Nobody was able to do it yet. (Luckily!) Because I'm protecting customer's DB in every way I can.
(access deny, encryption, hiding volume, fake DBs, etc)
- But all those of my effort are useless if someone gets the idea to look at the LOG file, that shows the real path. :(

Please consider: I'm not talking about a THEORY, but real cases, real people, real problems.

From 2018.05.25 on > new European Law regulation is effective about data protection and handling. (2016/679/EU)
I would like to secure all my customers data until than.

@firebird-automations
Copy link
Collaborator Author

Modified by: PizzaProgram Ltd. (szakilaci)

Version: 4.0 Beta 1 [ 10750 ]

Version: 3.0.4 [ 10863 ]

Version: 2.5.9 [ 10862 ]

Version: 2.5.2 Update 1 [ 10521 ] =>

Version: 2.5.3 [ 10461 ] =>

Version: 2.5.4 [ 10585 ] =>

@firebird-automations
Copy link
Collaborator Author

Commented by: @asfernandes

This ticket should be closed without changes IMO.

Notion of security is completely wrong by the OP.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment