Watch, Follow, &
Connect with Us
Public Report
Report From: InterBase/Tools/Graphical/IBConsole    [ Add a report in this area ]  
Report #:  106427   Status: Closed
Database Shutdown does not prevent non-SYSDBA users from connecting
Project:  InterBase Build #:  Update 4
Version:    10.0 Submitted By:   Dale Gunter
Report Type:  Basic functionality failure Date Reported:  6/14/2012 2:34:20 PM
Severity:    Serious / Highly visible problem Last Updated: 4/26/2013 9:00:57 PM
Platform:    Windows 95/98/NT 4.0 on Intel Internal Tracking #:  
Resolution: Fixed (Resolution Comments) Resolved in Build: : XE3
Duplicate of:  None
Voting and Rating
Overall Rating: No Ratings Yet
0.00 out of 5
Total Votes: 1
Description
In the operations guide in the section about shutting down databases it states: "After a database is shut down, the database owner and SYSDBA are still able to connect to
it, but any other user attempting to connect gets an error message stating that the database
is shut down."

We had previously noticed that after doing a database shutdown it still appeared that users were still able to log in.

On our production server we are running Interbase XE 64-bit with update 4 applied (vers.# on IBConsole help about = 10.0.3.566)

Since I cannot easily shut down our production server in the middle of the day, I attempted to reproduce this on our dev server. On this dev server the ver# is 10.0.2.474
Steps to Reproduce:
Steps to reproduce:
---------------------------------------------------
- Launch IBConsole
- Create new database named TEST (or whatever)
- Verify you can log in with SYSDBA login
- As SYSDBA Create a new user named TESTUSER
- With database started, perform shutdown with a timeout of 1
- Receive a dialog box saying "The database has been shut down and is currently in single-user mode."
- Disconnect from the database
- Verify you can still log in with SYSDBA login
- Disconnect from the database
- Attempt to reconnect as TESTUSER
- The attempt works when it should not.
Workarounds
None
Attachment
None
Comments

Sriram Balasubramanian at 6/30/2012 11:17:06 AM -
Dale,

Are you able to reproduce the problem with GFIX (the command line tool)? If you are able to, I would mark this to be addressed as a SQL security problem, not a IBConsole issue. Please confirm.

Dale Gunter at 7/5/2012 10:32:39 AM -
Sriram,

Yes. We use GFIX with the -force option as part of our regular automated backup/restore process. This is where we first noticed the issue.

Users were able to login and work even though we had shut the database down. It didn't stop the backup, but their work was lost when we did a restore.

Tomohiro Takahashi at 6/30/2012 6:41:45 PM -
This report was opened.
But, Internal Tracking Number field is still blank.

Dale Gunter at 7/5/2012 10:42:27 AM -
Is this something that we, the customer, fill out?

I did not see any field with this name in the Windows Quality Central Client.

Tomohiro Takahashi at 7/5/2012 6:27:37 PM -
This issie is logged and tracked in our internal tracking system properly.
Please ignore my previous comment.
Thanks.

Server Response from: ETNACODE01