[Firebird-devel] [FB-Tracker] Created: (CORE-6410) The SRP plugin metadata (PLG$SRP table, PLG$SRP_VIEW view and all its permissions) are wrongly added to the metadata extracted from the database

Luciano Mendes (JIRA) Mon, 28 Sep 2020 03:26:04 -0700

The SRP plugin metadata (PLG$SRP table, PLG$SRP_VIEW view and all its 
permissions) are wrongly added to the metadata extracted from the database
------------------------------------------------------------------------------------------------------------------------------------------------


                 Key: CORE-6410
                 URL: http://tracker.firebirdsql.org/browse/CORE-6410
             Project: Firebird Core
          Issue Type: Bug
          Components: Engine
    Affects Versions: 3.0.6, 3.0.7
         Environment: Windows 10 (x64) Version 2004
Firebird 3.0.7.33365 (snapshot)
            Reporter: Luciano Mendes
         Attachments: SRP_DDL.SQL

ACTUAL RESULT
- The SRP plugin metadata (PLG$SRP table, PLG$SRP_VIEW view and all its 
permissions) are wrongly added to the metadata extracted from the database.


EXPECTED RESULT
- The SRP plugin metadata (PLG$SRP table, PLG$SRP_VIEW view and all its 
permissions) should NOT be added to the metadata extracted from the database.
- The SRP is a native plugin for Firebird 3.0 and its metadata (PLG$SRP table, 
PLG$SRP_VIEW view and all its permissions) should work like MON$, RDB$ and SEC$ 
tables that are not added to the metadata extracted from the database.
- Only metadata created by the DBA should be added to the metadata extracted 
from the database.
- Removing the SRP plugin metadata from the metadata extracted from the 
database can help reduce risks related to the CORE-6409 issue.


STEPS TO REPRODUCE THE ISSUE
1- Make sure that the FirebirdSQL 3.0 service is NOT running:
   net stop FirebirdServerDefaultInstance

2- Run the following command to create the TEST database:
   ECHO SET SQL DIALECT 3;CREATE DATABASE 'TEST' PAGE_SIZE 8192 DEFAULT 
CHARACTER SET WIN1252; | "C:\Program Files\Firebird\Firebird_3_0\isql.exe" 
-user SYSDBA

3- Run the following command to create the SYSDBA user inside the TEST database 
using the SRP plugin:
   ECHO CREATE OR ALTER USER SYSDBA SET PASSWORD 'masterkey' USING PLUGIN 
SRP;COMMIT; | "C:\Program Files\Firebird\Firebird_3_0\isql.exe" -user SYSDBA 
"TEST"

4- Run the following command to extract the TEST database metadata (See: 
SRP_DDL.SQL attached):
   "C:\Program Files\Firebird\Firebird_3_0\isql.exe" -user SYSDBA -extract 
-output "SRP_DDL.SQL" "TEST"


OTHER INFORMATION
- Please see the "[firebird-support] Firebird 3.0 - About PLG$SRP table and 
PLG$SRP_VIEW view" discussion on firebird-supp...@googlegroups.com.


ENVIRONMENT SETUP

firebird.conf
============================================
#SETUP 
UserManager = Srp, Legacy_UserManager 
WireCrypt = Enabled 

databases.conf
============================================
TEST = D:\APPLICATIONS\LURONUMEN\DB\TEST.FDB 
{ 
AuthServer = Srp 
SecurityDatabase = TEST
UserManager = Srp 
}

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        


Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

[Firebird-devel] [FB-Tracker] Created: (CORE-6410) The SRP plugin metadata (PLG$SRP table, PLG$SRP_VIEW view and all its permissions) are wrongly added to the metadata extracted from the database

Reply via email to