Board index » delphi » How to secure isc4.gdb?

How to secure isc4.gdb?

You're correct that if a user has physical access to the main.gdb file, then
there's nothing you can do to prevent them from seeing the data (they don't
need isc4.gdb at all).

The simple solution is to prevent the user from accessing the main.gdb file
in the first place: Don't share the drive where it's installed; associate
the .gdb file with an account that is only used by the Interbase service
denying everyone else any rights on the file; make sure the Interbase
service account has a strong password,  etc.

Dan

Quote
"Adam" <akalin...@amano.com> wrote in message news:3cb491ad$1_2@dnews...
> Hi,
> Some time ago I found the posting of how to prevent access for SYSDBA
> account to any database.  But it does not prevent from breaking into a
> database.
> Assume the following scenario:
> 1. Copy  the "isc4.gdb" and "main.gdb" database files  from the database
you
> want to break into.
> 2. Install Interbase on your computer.
> 3. Rename copied isc4.gdb.
> 4. Create any user in your local database.
> 5. Connect as "any" user to the renamed isc4.gdb.
> 6. Read USERS table.  It is possible because USERS table has "Select"
> privilage for PUBLIC.  The original owner could not revoke it because
> everybody would loose access (including the owner).
> 7. Create all those users with the same ID's and known passwords.
> 8. Try to connect to the main.gdb with those ID's.
> 9. At same point you will connect to the stolen database with owner
> privileges.

> Is there anything we could do about it?

> Adam

 

Re:How to secure isc4.gdb?


Quote
Adam wrote:

> Hi,
> Some time ago I found the posting of how to prevent access for SYSDBA
> account to any database.  But it does not prevent from breaking into a
> database.
> Assume the following scenario:
> 1. Copy  the "isc4.gdb" and "main.gdb" database files  from the database you
> want to break into.

This is the step that you are violating from IB's basic security premise.  IB's
security has always been based on relying on the OS security to protect the
actual gdb file.  If you can comprimised the OS security to gain direct access
to the file you have comprimised IB's security.

--
Jeff Overcash (TeamB)
      (Please do not email me directly unless  asked. Thank You)
This sad little lizard told me that he was a brontosaurus on his mother's
side.  I did not laugh; people who boast of ancestry often have little else
to sustain them.  Humoring them costs nothing and adds to happiness in
a world in which happiness is in short supply.   (RAH)

Re:How to secure isc4.gdb?


Hi,
Some time ago I found the posting of how to prevent access for SYSDBA
account to any database.  But it does not prevent from breaking into a
database.
Assume the following scenario:
1. Copy  the "isc4.gdb" and "main.gdb" database files  from the database you
want to break into.
2. Install Interbase on your computer.
3. Rename copied isc4.gdb.
4. Create any user in your local database.
5. Connect as "any" user to the renamed isc4.gdb.
6. Read USERS table.  It is possible because USERS table has "Select"
privilage for PUBLIC.  The original owner could not revoke it because
everybody would loose access (including the owner).
7. Create all those users with the same ID's and known passwords.
8. Try to connect to the main.gdb with those ID's.
9. At same point you will connect to the stolen database with owner
privileges.

Is there anything we could do about it?

Adam

Re:How to secure isc4.gdb?


Rule 1:

Never let anyone but a trusted person have access to the server (room)

Rule 2:

Never let anyone but a trusted person have access to files on your server
that should be secure.

You're violating both rule 1 & 2 in your scenario below ...
--
Martijn Tonies
Upscene Productions

InterBase Workbench - The Developer Tool for InterBase
http://www.interbaseworkbench.com

"Experience is what you get when you didn't get what you wanted"

"Adam" <akalin...@amano.com> schreef in bericht news:3cb491ad$1_2@dnews...

Quote
> Hi,
> Some time ago I found the posting of how to prevent access for SYSDBA
> account to any database.  But it does not prevent from breaking into a
> database.
> Assume the following scenario:
> 1. Copy  the "isc4.gdb" and "main.gdb" database files  from the database
you
> want to break into.
> 2. Install Interbase on your computer.
> 3. Rename copied isc4.gdb.
> 4. Create any user in your local database.
> 5. Connect as "any" user to the renamed isc4.gdb.
> 6. Read USERS table.  It is possible because USERS table has "Select"
> privilage for PUBLIC.  The original owner could not revoke it because
> everybody would loose access (including the owner).
> 7. Create all those users with the same ID's and known passwords.
> 8. Try to connect to the main.gdb with those ID's.
> 9. At same point you will connect to the stolen database with owner
> privileges.

> Is there anything we could do about it?

> Adam

Re:How to secure isc4.gdb?


Hi,
You all guys are right that security database should be physically
protected.
But it is like telling the car owner: "do not leave your car keys
un-attendant".
It does not always work. That's why the car manufactures created several
other levels of security like, for instance, hidden buttons that disable gas
cut off's or low-jacks.
Storing user id's in insecure database is not a good idea.  Most other
databases came up with better ideas like storing id's and passwords with the
database. You cannot break that way to an Oracle, for instance.
The reason I posted this question is that I strongly believe that somebody
already found how to improve Interbase security.  I do not expect 100%
secure solution because it does not exist.
But usually it is not a good idea to rely on only 1 level of security, no
matter how strong.

Adam

Quote
"Adam" <akalin...@amano.com> wrote in message news:3cb491ad$1_2@dnews...
> Hi,
> Some time ago I found the posting of how to prevent access for SYSDBA
> account to any database.  But it does not prevent from breaking into a
> database.
> Assume the following scenario:
> 1. Copy  the "isc4.gdb" and "main.gdb" database files  from the database
you
> want to break into.
> 2. Install Interbase on your computer.
> 3. Rename copied isc4.gdb.
> 4. Create any user in your local database.
> 5. Connect as "any" user to the renamed isc4.gdb.
> 6. Read USERS table.  It is possible because USERS table has "Select"
> privilage for PUBLIC.  The original owner could not revoke it because
> everybody would loose access (including the owner).
> 7. Create all those users with the same ID's and known passwords.
> 8. Try to connect to the main.gdb with those ID's.
> 9. At same point you will connect to the stolen database with owner
> privileges.

> Is there anything we could do about it?

> Adam

Other Threads