Public Report
Report From: InterBase/Server/Security
Report #: 122788
Status: Open
SYSDBA can drop user SYSDSO
Project: InterBase
Build #: 11.0.3.655
Version: 11.0
Submitted By: Dmitry Kuzmenko
Report Type: Basic functionality failure
Date Reported: 2/26/2014 6:41:51 AM
Severity: Serious / Highly visible problem
Last Updated: 2/27/2014 10:40:22 AM
Platform: Not OS or platform specific
Internal Tracking #:
Resolution: None
Resolved in Build: None
Duplicate of: None
Description
SYSDBA can drop user SYSDSO
Steps to Reproduce:

When using encryption, after all steps (creating SYSDSO, creating keys, granting keys, encrypting data, etc.),
SYSDBA at any time can execute

DROP USER SYSDSO

After that, SYSDSO disappears from RDB$USERS (in that database).
Later SYSDBA can create user SYSDSO, which will compromise security, because SYSDSO can't access the database anymore (does not know the password), and the person (SYSDBA) who recreated SYSDSO can do all operations allowed to SYSDSO.

Of course, SYSDBA itself can't (at any time) alter, drop or create any objects that SYSDSO can, even by trying to modify system tables.

I think that SYSDBA must not be able to DROP the SYSDSO user after SYSDSO has created at least 1 object (set SEP password, etc.).
Workarounds
None
Attachment
None
Comments

None
