Re: [Firebird-devel] FB/Java embedded connections

On 19-5-2016 19:42, Dimitry Sibiryakov wrote: > 19.05.2016 19:32, Mark Rotteveel wrote: >> I think Adriano is taking about the fact that someone from Java code running >> inside >> Firebird would be able to make an embedded connection to any database >> running on the same >> server. That is a to

Re: [Firebird-devel] FB/Java embedded connections

On 19-5-2016 23:26, Leyne, Sean wrote: > > >> 19.05.2016 19:32, Mark Rotteveel wrote: >>> I think Adriano is taking about the fact that someone from Java code >>> running inside Firebird would be able to make an embedded connection >>> to any database running on the same server. That is a totally >

Re: [Firebird-devel] FB/Java embedded connections

On 19-5-2016 19:42, Dimitry Sibiryakov wrote: > 19.05.2016 19:32, Mark Rotteveel wrote: >> I think Adriano is taking about the fact that someone from Java code running >> inside >> Firebird would be able to make an embedded connection to any database >> running on the same >> server. That is a to

[Firebird-devel] [FB-Tracker] Created: (CORE-5247) API to get current shutdown/online mode of database

API to get current shutdown/online mode of database --- Key: CORE-5247 URL: http://tracker.firebirdsql.org/browse/CORE-5247 Project: Firebird Core Issue Type: New Feature Components:

Re: [Firebird-devel] FB/Java embedded connections

Hi, > There are several ways to address that risk: > > 1 - don't do it, use separate machines > 2 - use VMs to provide isolation > 3 - use containers to provide isolation > > > Sean 4. Encrypt database regards, Karol Bieniaszewski ---

Re: [Firebird-devel] FB/Java embedded connections - proposed solution for Firebird and Jaybird

20.05.2016 04:52, Adriano dos Santos Fernandes wrote: > > Firebird: > > - By default engine will verify user/password How? Authentication code belongs to the network listener, not the embedded library. And I foresee compatibility issues for embedded users. Dmitry

Re: [Firebird-devel] Getting current shutdown mode

20.05.2016 08:28, Jiří Činčura wrote: > >> * >> bin # ./fbsvcmgr service_mgr action_db_stats dbname employee >> sts_hdr_pages > > Yeah. That's not good. Scraping it from text is not what I should > provide in library. May I create ticket to provide such API? Sure, feel free. Dmit

Re: [Firebird-devel] Getting current shutdown mode

> It's possible but not too convenient. > * > bin # ./fbsvcmgr service_mgr action_db_stats dbname employee > sts_hdr_pages Yeah. That's not good. Scraping it from text is not what I should provide in library. May I create ticket to provide such API? -- Mgr. Jiří Činčura Independe

[Firebird-devel] FB/Java embedded connections - proposed solution for Firebird and Jaybird

Hi! I propose following solution: Firebird: - By default engine will verify user/password - We create isc_dpb_no_verify_auth - to not verify user/password like it does now - Remote layer removes isc_dpb_no_verify_auth Jaybird: - We create a Java permission (org.firebirdsql.jdbc.NoVerifyAuthPer

Re: [Firebird-devel] FB/Java embedded connections

Em 19/05/2016 14:48, Adriano dos Santos Fernandes escreveu: > On 19/05/2016 13:53, Alex Peshkoff wrote: >> You know yourself that for embedded connections on open source product >> any credential validation is not reliable - everyone can rebuild >> required dynamic library commenting out 2-3 line

[Firebird-devel] [FB-Tracker] Created: (CORE-5246) string right truncation with select 1 from mon$statements

string right truncation with select 1 from mon$statements - Key: CORE-5246 URL: http://tracker.firebirdsql.org/browse/CORE-5246 Project: Firebird Core Issue Type: Bug Affects Versio

Re: [Firebird-devel] FB/Java embedded connections

Em 19/05/2016 14:42, Dimitry Sibiryakov escreveu: > 19.05.2016 19:32, Mark Rotteveel wrote: >> I think Adriano is taking about the fact that someone from Java code running >> inside >> Firebird would be able to make an embedded connection to any database >> running on the same >> server. That is

Re: [Firebird-devel] FB/Java embedded connections

> I think Adriano is taking about the fact that someone from Java code running > inside Firebird would be able to make an embedded connection to any > database running on the same server. That is a totally different security > threat than the capability that a normal Java program with Jaybird has

Re: [Firebird-devel] FB/Java embedded connections

> 19.05.2016 19:32, Mark Rotteveel wrote: > > I think Adriano is taking about the fact that someone from Java code > > running inside Firebird would be able to make an embedded connection > > to any database running on the same server. That is a totally > > different security threat than the capa

Re: [Firebird-devel] FB/Java embedded connections

On 19/05/2016 13:53, Alex Peshkoff wrote: > You know yourself that for embedded connections on open source product > any credential validation is not reliable - everyone can rebuild > required dynamic library commenting out 2-3 lines where needed and > become SYSDBA. I think that the only reliab

Re: [Firebird-devel] FB/Java embedded connections

19.05.2016 19:32, Mark Rotteveel wrote: > I think Adriano is taking about the fact that someone from Java code running > inside > Firebird would be able to make an embedded connection to any database running > on the same > server. That is a totally different security threat than the capability t

Re: [Firebird-devel] FB/Java embedded connections

I think Adriano is taking about the fact that someone from Java code running inside Firebird would be able to make an embedded connection to any database running on the same server. That is a totally different security threat than the capability that a normal Java program with Jaybird has (as it

Re: [Firebird-devel] FB/Java embedded connections

On 05/19/2016 07:15 PM, Adriano dos Santos Fernandes wrote: > Hi! > > FB/Java plugin has permission system. > > By default, one can create his routines but are limited for example to > not access the server filesystem. > > Sys admin can grant Java permissions to users and roles. > > But there is a

[Firebird-devel] FB/Java embedded connections

Hi! FB/Java plugin has permission system. By default, one can create his routines but are limited for example to not access the server filesystem. Sys admin can grant Java permissions to users and roles. But there is a problem with embedded connections. If one uses the Jaybird server-side JDBC

Re: [Firebird-devel] How an RDB$ index can be rebuilt in 3.0

From: Pavel Cisar Subject: Re: [Firebird-devel] How an RDB$ index can be rebuilt in 3.0===An RDB$INDEX_* is typically an automatically created one for constraint. So you have to identify the constraint, drop it and then recreate it.===In 3.0 and above no such ability:SQL> show

Re: [Firebird-devel] [FB-Tracker] Created: (CORE-5240) Restore database with large page buffer - connection lost to database

19.05.2016 1:05, Walter R. Ojeda Valiente wrote: > As I understand, the page buffers rank is 50 to 131072 This restriction is applied for 32-bit builds only. Vlad PS Never, NEVER put whole message at the bottom of your answer !!! -

Re: [Firebird-devel] Getting current shutdown mode

On 05/19/2016 11:29 AM, Jiří Činčura wrote: > Hi *, > > can I ask Service API to get me current shutdown/online mode of given > database? I know with isc_action_svc_properties I can set it. So I hope > there's also other way possible. > It's possible but not too convenient. * bin #

[Firebird-devel] Getting current shutdown mode

Hi *, can I ask Service API to get me current shutdown/online mode of given database? I know with isc_action_svc_properties I can set it. So I hope there's also other way possible. -- Mgr. Jiří Činčura Independent IT Specialist ---

Re: [Firebird-devel] How an RDB$ index can be rebuilt in 3.0 ?

19.05.2016 10:39, Pavel Cisar wrote: > > An RDB$INDEX_* is typically an automatically created one for constraint. It may also be an index on some system table, RDB$DEPENDENCIES in this particular case. This was the actual problem raised. Dmitry

Re: [Firebird-devel] How an RDB$ index can be rebuilt in 3.0 ?

Hi, An RDB$INDEX_* is typically an automatically created one for constraint. So you have to identify the constraint, drop it and then recreate it. best regards Pavel Cisar IBPhoenix Dne 18.5.2016 v 21:03 Pavel Zotov napsal(a): > This question arised while discussion of CORE-5242. Vlad recommend