The SRP plugin metadata (PLG$SRP table, PLG$SRP_VIEW view and all its permissions) are wrongly added to the metadata extracted from the database [CORE6410] #6648
Assignees
Comments
Modified by: @luronumenAttachment: SRP_DDL.SQL [ 13500 ] |
Modified by: @luronumenAttachment: CORE6410_SRP_DDL.SQL [ 13501 ] |
Modified by: @AlexPeshkoffassignee: Alexander Peshkov [ alexpeshkoff ] |
Modified by: @AlexPeshkoff |
|
Commented by: @AlexPeshkoff Adding duplicates with same reasoning is not good idea ... |
Modified by: @pcisarstatus: Resolved [ 5 ] => Closed [ 6 ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Submitted by: @luronumen
Duplicates CORE6147
Attachments:
SRP_DDL.SQL
CORE-6410_SRP_DDL.SQL
ACTUAL RESULT
- The SRP plugin metadata (PLG$SRP table, PLG$SRP_VIEW view and all its permissions) are wrongly added to the metadata extracted from the database.
EXPECTED RESULT
- The SRP plugin metadata (PLG$SRP table, PLG$SRP_VIEW view and all its permissions) should NOT be added to the metadata extracted from the database.
- The SRP is a native plugin for Firebird 3.0 and its metadata (PLG$SRP table, PLG$SRP_VIEW view and all its permissions) should work like MON$, RDB$ and SEC$ tables that are not added to the metadata extracted from the database.
- Only metadata created by the DBA should be added to the metadata extracted from the database.
- Removing the SRP plugin metadata from the metadata extracted from the database can help reduce risks related to the CORE6409 issue.
STEPS TO REPRODUCE THE ISSUE
1- Make sure that the FirebirdSQL 3.0 service is NOT running:
net stop FirebirdServerDefaultInstance
2- Run the following command to create the TEST database:
ECHO SET SQL DIALECT 3;CREATE DATABASE 'TEST' PAGE_SIZE 8192 DEFAULT CHARACTER SET WIN1252; | "C:\Program Files\Firebird\Firebird_3_0\isql.exe" -user SYSDBA
3- Run the following command to create the SYSDBA user inside the TEST database using the SRP plugin:
ECHO CREATE OR ALTER USER SYSDBA SET PASSWORD 'masterkey' USING PLUGIN SRP;COMMIT; | "C:\Program Files\Firebird\Firebird_3_0\isql.exe" -user SYSDBA "TEST"
4- Run the following command to extract the TEST database metadata (See: SRP_DDL.SQL attached):
"C:\Program Files\Firebird\Firebird_3_0\isql.exe" -user SYSDBA -extract -output "SRP_DDL.SQL" "TEST"
OTHER INFORMATION
- Please see the "[firebird-support] Firebird 3.0 - About PLG$SRP table and PLG$SRP_VIEW view" discussion on mailto:firebird-support@googlegroups.com.
ENVIRONMENT SETUP
firebird.conf
#SETUP
UserManager = Srp, Legacy_UserManager
WireCrypt = Enabled
databases.conf
TEST = D:\APPLICATIONS\LURONUMEN\DB\TEST.FDB
{
AuthServer = Srp
SecurityDatabase = TEST
UserManager = Srp
}
The text was updated successfully, but these errors were encountered: