Suggestion

Tomasz Dubiel

Aug 9, 2022, 7:53:50 AM
to firebird-support
Hello.
What do you think about dropping such an idea as a "standard SYSDBA password"?
Shouldn't Firebird jump one level higher in terms of security and forget about masterkey?
Best regards.

Dimitry Sibiryakov

Aug 9, 2022, 8:00:47 AM
to firebird...@googlegroups.com
Tomasz Dubiel wrote 09.08.2022 13:53:
> What do you think about dropping such an idea as "standard SYSDBA password"?
> Should not Firebird jump a one level higher in terms of security and forget
> about masterkey?

And about SYSDBA as well. They are preserved for backward compatibility only,
and zip packages have no SYSDBA user by default; it is the installer that creates it.

--
WBR, SD.

Tomasz Dubiel

Aug 9, 2022, 8:03:30 AM
to firebird-support
OK, so who decides about changing installers' behaviour?

Mark Rotteveel

Aug 9, 2022, 8:04:03 AM
to firebird...@googlegroups.com
That is only true for Srp, but not true for Legacy_Auth on Windows (not
sure about Linux). The security database contains a hardcoded entry for
SYSDBA with the password masterke.

Mark
--
Mark Rotteveel
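For anyone who has inherited a server set up this way, the following is an added example (not from the thread and not Firebird's own install scripts) of how to list which authentication plugins hold a SYSDBA record and replace the default credential for each. It assumes Firebird 3.0 or later (the SEC$USERS virtual table and the USING PLUGIN clause exist from 3.0), an existing administrator connection from isql, and that the new password shown is a placeholder to be replaced by a generated one.

```sql
-- Added example: rotate the default SYSDBA credential on a Firebird 3.0+ server.
-- Run from isql as an existing administrator. A quick pre-check from the shell:
--   isql -user SYSDBA -password masterkey <some_database>
-- If that connects, the default is still live on at least one plugin.
-- 'Replace-Me-With-A-Generated-Secret' is a placeholder, not a recommended value.

-- 1. Which user-manager plugins hold a SYSDBA record?
--    Caveat: SEC$USERS only reports plugins listed in firebird.conf's UserManager,
--    so add Legacy_UserManager there temporarily if you need to see the legacy row.
SELECT SEC$USER_NAME, SEC$PLUGIN, SEC$ADMIN, SEC$ACTIVE
  FROM SEC$USERS
 WHERE SEC$USER_NAME = 'SYSDBA';

-- 2. Replace the password on the Srp record (or create the record if the
--    query above shows none for Srp).
ALTER USER SYSDBA SET PASSWORD 'Replace-Me-With-A-Generated-Secret' USING PLUGIN Srp;
-- CREATE USER SYSDBA PASSWORD 'Replace-Me-With-A-Generated-Secret' USING PLUGIN Srp;

-- 3. The legacy record as well. Caveat: Legacy_UserManager only honours the
--    first 8 characters of a password (which is why the thread says "masterke"),
--    so a long password adds no strength here. If no pre-3.0 clients remain,
--    prefer turning the plugin off in firebird.conf:
--      AuthServer = Srp
--      UserManager = Srp
ALTER USER SYSDBA SET PASSWORD 'Replace-Me-With-A-Generated-Secret' USING PLUGIN Legacy_UserManager;

-- 4. Verify: re-run the isql pre-check with -password masterkey; it must now be
--    rejected, and the SEC$USERS query should show only the records you intend to keep.
```

The order matters: change Srp first so you keep an administrative login that does not depend on the legacy plugin, then deal with Legacy_UserManager, and only then tighten AuthServer/UserManager in firebird.conf and restart the server.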

Tomasz Dubiel

Aug 9, 2022, 8:05:49 AM
to firebird-support
I can understand having a SYSDBA user for backward compatibility, but it shouldn't have a default password. If it needs to be created during installation, ask the user for it, or generate a random password and print it to the user during installation.

Dimitry Sibiryakov

Aug 9, 2022, 8:05:51 AM
to firebird...@googlegroups.com
Tomasz Dubiel wrote 09.08.2022 14:03:
> OK, so who decides about changing installers' behaviour?

AFAIK it is on package/platform maintainers. You can create an installer with
any desired behavior.

--
WBR, SD.

Tomasz Dubiel

Aug 9, 2022, 8:07:15 AM
to firebird-support
Maybe, but the installer is present at official Firebird website.

Dimitry Sibiryakov

Aug 9, 2022, 8:07:57 AM
to firebird...@googlegroups.com
Tomasz Dubiel wrote 09.08.2022 14:05:
> I can understand for a backward-compatibilty to have SYSDBA user, but it
> shouldn't have a default password. If it needs to be created while installation,
> give it to user or generate random password and print it to user while installation.

This is default behavior on Linux.

--
WBR, SD.

Tomasz Dubiel

Aug 9, 2022, 8:08:44 AM
to firebird-support
So my suggestion is to drop it and forget about masterke.

Dimitry Sibiryakov

Aug 9, 2022, 8:12:30 AM
to firebird...@googlegroups.com
Tomasz Dubiel wrote 09.08.2022 14:07:
> Maybe, but the installer is present at official Firebird website.

Officially Firebird Project DOES care about backward compatibility.

--
WBR, SD.

Tomasz Dubiel

Aug 9, 2022, 8:41:54 AM
to firebird-support
For the compatibility is it needed to have SYSDBA with masterke or just SYSDBA with any password?

Dimitry Sibiryakov

Aug 9, 2022, 8:46:09 AM
to firebird...@googlegroups.com
Tomasz Dubiel wrote 09.08.2022 14:41:
> For the compatibility is it needed to have SYSDBA with masterke or just SYSDBA
> with any password?

There were too many support requests of the kind "why can't I connect as
SYSDBA/masterkey?" after an attempt to change it.

--
WBR, SD.

Mark Rotteveel

Aug 9, 2022, 8:46:29 AM
to firebird...@googlegroups.com
On 09-08-2022 14:03, Tomasz Dubiel wrote:
> OK, so who decides about changing installers' behaviour?

Create an issue on https://github.com/FirebirdSQL/firebird or start a
discussion on firebird-devel.

I recall this has been discussed before, but it seems there never has
been a formal conclusion or decision.

Related discussions:

https://sourceforge.net/p/firebird/mailman/firebird-devel/thread/4EF08BBB.6020707%40mail.ru/#msg28569061

According to this discussion, the main reason to keep Legacy_Auth
seems to have been ZIP-kit users (though there is never a real
conclusion).

https://sourceforge.net/p/firebird/mailman/firebird-devel/thread/55A3CEB9.2060306%40mail.ru/#msg34291600

This one seems to argue that for "reasons", Legacy_Auth already has a
default record ("We keep legacy plugin as legacy as possible, therefore
security database (according to legacy rules) already contains legacy
record for sysdba with password masterke.")

The remainder of the discussion assumes that masterkey is not the
default for other authentication plugins.

The discussion referenced an earlier discussion
(https://sourceforge.net/p/firebird/mailman/firebird-devel/thread/201307171200.25066.preeves%40ibphoenix.com/#msg31178171
), where having the installer default to masterkey for Srp was only
meant to be a transitional measure for the alphas and betas, and the
Firebird 3 RC1 installer should have removed this default.

This seems to have never happened (the 3.0.10 and 4.0.1 Windows
installers currently prompt for a password, but default to masterkey if
nothing is entered).

Mark
--
Mark Rotteveel

Tomasz Dubiel

Aug 9, 2022, 8:51:14 AM
to firebird-support
In my free time I will create an issue on GitHub, and I will certainly need help from you, Mark, because the message from Dimitry is not sufficient for me. Would a simple answer:
"We decided to increase the security of Firebird. If you really want the password <masterkey>, just enter it manually on your own responsibility." not be enough for those connection problems?

Mark Rotteveel

Aug 9, 2022, 8:55:39 AM
to firebird...@googlegroups.com
On 09-08-2022 14:51, Tomasz Dubiel wrote:
> In a free time I will create an issue on GitHub and I will certainly
> need a help from you, Mark, because the message from Dimitry is not
> sufficient for me. A simple answer:
> "We decided to increase the security of Firebird. If you really want
> password <masterkey>, just enter it manually on your own
> responsibility." would not be enough for those connection problems?

I think it should be OK, but I know opinions on this vary.

However, judging by the amount of questions I have seen about the error
you get when the security database is not initialized for Srp, it might
cause some problems. Though I guess part of those were caused by bugs in
the installer, which caused it to not always create the SYSDBA user
under the Srp plugin.

Mark
--
Mark Rotteveel