Issue Details (XML | Word | Printable)

Key: CORE-5496
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Alexander Peshkov
Reporter: Mark Rotteveel
Votes: 0
Watchers: 0

If you were logged in you would be able to see more operations.
Firebird Core

Creating SRP SYSDBA with explicit admin (-admin yes in gsec or grant admin role in create user) creates two SYSDBA accounts

Created: 05/Mar/17 01:33 PM   Updated: 08/Apr/19 04:45 PM
Component/s: Engine, GSEC, Security
Affects Version/s: 4.0 Initial, 3.0.0, 3.0.1
Fix Version/s: 3.0.2, 4.0 Alpha 1

Environment: Firebird- on Windows 10

QA Status: Done successfully

 Description  « Hide
When initializing the security database for SRP, two SYSDBA accounts are created if admin option is specified explicitly.

Two sysdba accounts are created if I use (in gsec):

add sysdba -pw masterkey -admin yes

, but not if I use

add sysdba -pw masterkey

Similar if I use in ISQL:

create user sysdba password 'masterkey' grant admin role;

not if I use

create user sysdba password 'masterkey';

In the above case UserManager = Srp, Legacy_UserManager. I also tried with only UserManager = Srp.

I have also tried this in the latest 3.0.2 snapshot, it doesn't happen there.

 All   Comments   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Alexander Peshkov added a comment - 06/Mar/17 10:14 AM
That's not so easy to reproduce an error in FB3 but if one does:

grant rdb$admin to sysdba granted by John;
grant rdb$admin to sysdba granted by Jane;

two records in sec$users might be seen.