Issue Details (XML | Word | Printable)

Key: CORE-5126
Type: Bug Bug
Status: Open Open
Priority: Blocker Blocker
Assignee: Unassigned
Reporter: Danniel Corbit
Votes: 0
Watchers: 5

If you were logged in you would be able to see more operations.
Firebird Core

Installation of Firebird 3.0 beta 2 totally ignores my sysdba login information

Created: 03/Mar/16 08:36 PM   Updated: 19/Mar/16 10:03 AM
Component/s: Security
Affects Version/s: 3.0 Beta 2
Fix Version/s: None

Environment: Windows Server 2012 R2 64 bit

QA Status: No test

 Description  « Hide
Installation of Firebird offers a screen to set the system DBA username and password at install time.
It allowed me to fill out the form, but totally ignored the results.

You cannot change the system owner (for instance) from SYSDBA to SA
You cannot change the system owner password. No matter what you type (and it does get accepted!) the sysdba password is masterkey when you are done.
This is a security breach so severe that the database is unusable.

 All   Comments   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Dmitry Yemanov added a comment - 04/Mar/16 06:23 AM
Do you really speak about BETA 2? Or about RC2?

Alexander Peshkov added a comment - 04/Mar/16 10:29 AM
Danniel, I do not know what exactly asks windows installer at that screen, but changing system owner from SYSDBA to something else is definitely impossible at this stage. It's hardcoded string.

To help us better solve your problem please answer 2 questions:
1. What client version did you use to connect to firebird 3.0 server? Native (3.0) or some previous version?
2. Does password 'masterke' (8 letters, no final 'y') let you connect to server?

Danniel Corbit added a comment - 18/Mar/16 06:57 PM
I used flamerobin

If there is a different procedure that must be used, what is the procedure?

Paul Reeves added a comment - 19/Mar/16 10:03 AM
Beta 2 was released eight months ago and has been superceded by two release candidates.

My first recommendation would be to be sure to test with the most recent version. Also, be sure to test with a clean install, by ensuring that no traces of a previous firebird 3 install remain. You can use unins000.exe /clean for that (or just delete the old config files manually.)

The option to change the name of SYSDBA at install time will be removed before the next release. So don't waste time testing that.

And, finally, I doubt that flamerobin is ready for Firebird 3.