You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Firebird 3 always provides a SEC$USERS table, either from the server wide
user database OR from the secondary user database.
But for user management, I would like to know if the users list comes
from the server-wide or from a secondary database, it would be more clear to the users
of Database Workbench to see the difference if there's NO "Users" node
for a database which users server side users, and there is a "Users" node
for databases that use a secondary user database.
Mark, we do not show what particular database is used. In a case with DEFAULT security database there is no top secret with it, in a case of SELF it's possible to access appropriate view/table and find record about oneself. I.e. I do not see big security problems here.
And next - improvement was publically & actively discussed in devel a few months ago (see thread "Beta 1: how to use additionalsecuritydatabases?"). Why did you not rise security problems that time... As for me I've thought about security implications but have not found what particular attack does it simplify.
Submitted by: Martijn Tonies (martijntonies)
Firebird 3 always provides a SEC$USERS table, either from the server wide
user database OR from the secondary user database.
But for user management, I would like to know if the users list comes
from the server-wide or from a secondary database, it would be more clear to the users
of Database Workbench to see the difference if there's NO "Users" node
for a database which users server side users, and there is a "Users" node
for databases that use a secondary user database.
Commits: 5c9eb6d FirebirdSQL/fbt-repository@5641ea1
The text was updated successfully, but these errors were encountered: