Summary: | dev-db/firebird-2.0.3.12981.0-r4 start script works only for sysdba password 'masterke...' | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Sibylle Koczian <Sibylle.Koczian> |
Component: | Current packages | Assignee: | Gentoo Linux bug wranglers <bug-wranglers> |
Status: | VERIFIED INVALID | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Sibylle Koczian
2008-01-18 21:01:00 UTC
Well don't get me wrong, but have you actually ever tried to change the password in that *configuration* file once you've changed it in the database? Because that's the entire reason why the file is there in the first place. (In reply to comment #1) > Well don't get me wrong, but have you actually ever tried to change the > password in that *configuration* file once you've changed it in the database? > Because that's the entire reason why the file is there in the first place. > It's quite right that this works, but I don't think the SYSDBA password should be visible on the server quite this easily! I don't really understand why the start script doesn't work without the line 'export ISC_PASSWORD' - with fbmgr.bin the server can be started by user firebird without using the sysdba password at all. Reopening the bug, because a valid SYSDBA password in a text file really doesn't sound very secure for a production environment. Will be back when I hear more about this from the firebird support list. (In reply to comment #2) > It's quite right that this works, but I don't think the SYSDBA password should > be visible on the server quite this easily! Yeah, maybe you could check the file permissions before saying something is 'easily visible'. |