BorlandTalk.com Borland discussion newsgroups   Archives   FAQ   Search   Memberlist   Usergroups   Register   Profile   Log in to check your private messages   Log in  EUA restrictions with admin.ib Goto page 1, 2  Next          BorlandTalk.com Forum Index -> Delphi Databases (InterBase Express) View previous topic :: View next topic   Author Message adalberto baldini Guest Posted: Thu Jul 13, 2006 8:11 am    Post subject: EUA restrictions with admin.ib Create a Database with EUA requires that User and Password must be defined in standard Interbase management (admin.ib). As EUA goal is to embedd security into DB, I think that this restriction is conflicting with the scope. Regards Adalberto Baldini Back to top Craig Stuntz [TeamB] Guest Posted: Thu Jul 13, 2006 5:35 pm    Post subject: Re: EUA restrictions with admin.ib adalberto baldini wrote: Quote: Create a Database with EUA requires that User and Password must be defined in standard Interbase management (admin.ib). As EUA goal is to embedd security into DB, I think that this restriction is conflicting with the scope. Without that restriction, how would you limit who can create DBs on a server? Anyone who can see an IB server can create DBs, with or without an IB account? That doesn't seem like such a great idea. -- Craig Stuntz [TeamB] · Vertex Systems Corp. · Columbus, OH Delphi/InterBase Weblog : http://blogs.teamb.com/craigstuntz Please read and follow Borland's rules for the user of their server: http://support.borland.com/entry.jspa?externalID=293 Back to top adalberto baldini Guest Posted: Fri Jul 14, 2006 8:11 am    Post subject: Re: EUA restrictions with admin.ib Craig Stuntz [TeamB] wrote: Quote: Without that restriction, how would you limit who can create DBs on a server? Anyone who can see an IB server can create DBs, with or without an IB account? That doesn't seem like such a great idea. Anyone who needs a Db, like you can create word file. Once with EUA all security management is embedded in DB, there is no conflict with IB environment. As you observed we are speaking about someone whe has access to an IB Server. Back to top Craig Stuntz [TeamB] Guest Posted: Fri Jul 14, 2006 5:40 pm    Post subject: Re: EUA restrictions with admin.ib adalberto baldini wrote: Quote: Anyone who needs a Db, like you can create word file. Bad analogy. IB is a network server, not a desktop app. People complain about the fact that anyone with an IB server account can create a DB. I don't want to make this even worse by removing what little restriction there already is. Quote: Once with EUA all security management is embedded in DB, there is no conflict with IB environment. No, EUA puts security for *one database* in the DB, not the entire server. Quote: As you observed we are speaking about someone whe has access to an IB Server. We are talking about someone who has access to a machine which IB is running on. Not quite the same thing. When discussing security, use precise terms. Speaking vaguely almost invariably gets you into trouble. -- Craig Stuntz [TeamB] · Vertex Systems Corp. · Columbus, OH Delphi/InterBase Weblog : http://blogs.teamb.com/craigstuntz Want to help make Delphi and InterBase better? Use QC! http://qc.borland.com -- Vote for important issues Back to top Adalberto Baldini Guest Posted: Thu Jul 20, 2006 3:08 pm    Post subject: Re: EUA restrictions with admin.ib Craig Stuntz [TeamB] wrote: Quote: adalberto baldini wrote: Anyone who needs a Db, like you can create word file. Bad analogy. IB is a network server, not a desktop app. People complain about the fact that anyone with an IB server account can create a DB. I don't want to make this even worse by removing what little restriction there already is. I did some other test backuping the DB with EUA. Owner must be registered on IB server, as you explained above, OK. But his password must be the same either on IBServer and into DB. Different passwords don't work on DB management. It seems to me that EUA security must be replicate in IBServer security. Whats benefits ? Adalberto Back to top Craig Stuntz [TeamB] Guest Posted: Thu Jul 20, 2006 6:01 pm    Post subject: Re: EUA restrictions with admin.ib I don't understand your question. -- Craig Stuntz [TeamB] · Vertex Systems Corp. · Columbus, OH Delphi/InterBase Weblog : http://blogs.teamb.com/craigstuntz IB 6 versions prior to 6.0.1.6 are pre-release and may corrupt your DBs! Open Edition users, get 6.0.1.6 from http://mers.com Back to top adalberto baldini Guest Posted: Thu Jul 20, 2006 7:40 pm    Post subject: Re: EUA restrictions with admin.ib Accepting that an User must be registered on server to create a DB. OK. I understand EUA option is given to offer more flexibility and security registering inside the DB , user information, so each DB has its own access control. Imagining to have more DB created by the same user, but each one with a different password. Backup when start requires username and password of the owner, that must be registered into the server, and ... must be equal to that registered inside the DB. (or you get invalid user and password ..) In case of more DB, it should be an heavy task to manage all it. In case of only one DB which advantage to register Owner information inside DB if they must match Server information ? Do I misanderstand some important features ? Thanks. Adalberto Craig Stuntz [TeamB] wrote: Quote: I don't understand your question. Back to top Craig Stuntz [TeamB] Guest Posted: Thu Jul 20, 2006 8:05 pm    Post subject: Re: EUA restrictions with admin.ib adalberto baldini wrote: Quote: Backup when start requires username and password of the owner, that must be registered into the server, and ... must be equal to that registered inside the DB. (or you get invalid user and password ..) IIRC, you need an EUA account to backup and a server account to restore. Which makes sense when you think about it. -- Craig Stuntz [TeamB] · Vertex Systems Corp. · Columbus, OH Delphi/InterBase Weblog : http://blogs.teamb.com/craigstuntz Want to help make Delphi and InterBase better? Use QC! http://qc.borland.com -- Vote for important issues Back to top Dan Palley Guest Posted: Thu Jul 20, 2006 8:23 pm    Post subject: Re: EUA restrictions with admin.ib "Adalberto Baldini" <finman (AT) swissonline (DOT) ch> wrote in message news:44bf5634$1 (AT) newsgroups (DOT) borland.com... Quote: I did some other test backuping the DB with EUA. Owner must be registered on IB server, as you explained above, OK. But his password must be the same either on IBServer and into DB. Different passwords don't work on DB management. It seems to me that EUA security must be replicate in IBServer security. Whats benefits ? Make sure you're using the latest version of IB Console, if that's how you're testing EUA. Earlier versions had a few bugs related to the admin.ib login vs. the database login. Dan Back to top Bill Todd Guest Posted: Thu Jul 20, 2006 8:23 pm    Post subject: Re: EUA restrictions with admin.ib adalberto baldini wrote: Quote: In case of only one DB which advantage to register Owner information inside DB if they must match Server information ? The advantage is that if someone steals a copy of your database they cannot take it to another server and open it. -- Bill Todd (TeamB) Back to top Adalberto Baldini Guest Posted: Fri Jul 21, 2006 5:39 pm    Post subject: Re: EUA restrictions with admin.ib Dan Palley wrote: Quote: "Adalberto Baldini" <finman (AT) swissonline (DOT) ch> wrote in message news:44bf5634$1 (AT) newsgroups (DOT) borland.com... Make sure you're using the latest version of IB Console, if that's how you're testing EUA. Earlier versions had a few bugs related to the admin.ib login vs. the database login. Dan I use IBConsole 7.5.1.15 delivered with BDS 2006. Where can i Check if there a version newest ? Adalberto Back to top Adalberto Baldini Guest Posted: Fri Jul 21, 2006 6:01 pm    Post subject: Re: EUA restrictions with admin.ib Craig Stuntz [TeamB] wrote: Quote: adalberto baldini wrote: Backup when start requires username and password of the owner, that must be registered into the server, and ... must be equal to that registered inside the DB. (or you get invalid user and password ..) IIRC, you need an EUA account to backup and a server account to restore. Which makes sense when you think about it. Wrong. you need the same EUA=server account to restore, and even in this case you can get problems. Please see my posts in b.p.i.g newsgroup "unavailabe DB after restoring" Anyway I am a fan of EUA and I think its strength is the embedded security into DB, for this reason I don't agree with need to register same information outside the db. (into the server) First thing my Interbase's teacher said about security, protect the access to the server because if I load in my copy of admin.db I can access all your DBs. With actual feature, if you change EUA password, you can use the DB in great security except than backup and restore. That's my point of view. Maybe I don't know all other reasons that require this solution. Adalberto Back to top Adalberto Baldini Guest Posted: Fri Jul 21, 2006 6:15 pm    Post subject: Re: EUA restrictions with admin.ib Bill Todd wrote: Quote: adalberto baldini wrote: In case of only one DB which advantage to register Owner information inside DB if they must match Server information ? The advantage is that if someone steals a copy of your database they cannot take it to another server and open it. I believe that they can't do this because they don't know internal user and password. This doesn't explain need to register user also on Server.(that's what I don't understand) EUA works perfectly with IBX, if you drop the user on the server. Adalberto Back to top Craig Stuntz [TeamB] Guest Posted: Fri Jul 21, 2006 6:32 pm    Post subject: Re: EUA restrictions with admin.ib Adalberto Baldini wrote: Quote: IIRC, you need an EUA account to backup and a server account to restore. Which makes sense when you think about it. Wrong. you need the same EUA=server account to restore, and even in this case you can get problems. Please see my posts in b.p.i.g newsgroup "unavailabe DB after restoring" We're talking about different things. I was contesting the idea that you need a server account to backup. I don't believe that's true. -- Craig Stuntz [TeamB] · Vertex Systems Corp. · Columbus, OH Delphi/InterBase Weblog : http://blogs.teamb.com/craigstuntz Borland newsgroup denizen Sergio González has a new CD of Irish music out, and it's good: http://tinyurl.com/7hgfr Back to top Bill Todd Guest Posted: Fri Jul 21, 2006 7:06 pm    Post subject: Re: EUA restrictions with admin.ib Quote: I use IBConsole 7.5.1.15 delivered with BDS 2006. Where can i Check if there a version newest ? Adalberto See http://www.gvsnet.nl/ibconsole/ -- Bill Todd (TeamB) Back to top Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First         BorlandTalk.com Forum Index -> Delphi Databases (InterBase Express) All times are GMT Goto page 1, 2  Next Page 1 of 2   Jump to: Select a forum C++ Builder Newsgroups----------------C++ BuilderC++ Builder (ActiveX)C++ Builder (Announcements)C++ Builder (Command Line Tools)C++ Builder DatabasesC++ Builder Databases (ADO)C++ Builder Databases (Desktop)C++ Builder Databases (InterBase Express)C++ Builder Databases (Multi-Tier)C++ Builder Databases (SQL Servers)C++ Builder (Graphics)C++ Builder (IDE)C++ Builder (Internet)C++ Builder (Internet Socket)C++ Builder (Internet Web)C++ Builder (Jobs)C++ Builder (Language)C++ Builder (Language C++)C++ Builder (Compatibility with MFC)C++ Builder (Native API)C++ Builder (Non-Technical)C++ Builder (Students)C++ Builder (Third Party Tools)C++ Builder (Upgrade)C++ Builder (VCL)C++ Builder (VCL Components Usage)C++ Builder (VCL Components Development)C++ Builder (VCL Usage)C++ Builder (WinAPI)C++ Builder Installation Delphi Newsgroups----------------Delphi (General)Delphi ActiveX Controls UsageDelphi ActiveX Controls DevelopmentDelphi As400Delphi DatabasesDelphi Databases (ADO)Delphi Databases (dbExpress)Delphi Databases (Desktop)Delphi Databases (InterBase Express)Delphi Databases (Multi-Tier)Delphi Databases (SQL Servers)Delphi DeploymentDelphi GraphicsDelphi IDEDelphi InternationalizationDelphi InternetDelphi Internet Isapi-WebBrokerDelphi Internet WebSnapDelphi Internet WinsockDelphi JobsDelphi Language BASMDelphi Language ObjectPascalDelphi Model Driven Architecture (General)Delphi Model Driven Architecture (Third Party)Delphi MultimediaDelphi Native APIDelphi Non-TechnicalDelphi ObjectPascalDelphi OLE AutomationDelphi OO designDelphi OpenToolsAPIDelphi Reporting-ChartingDelphi RTLDelphi StudentsDelphi TeamSourceDelphi Thirdparty ToolsDelphi Thirdparty Tools (General)Delphi Thirdparty Tools (IntraWeb)Delphi Thirdparty Tools (RaveReports)Delphi UpgradeDelphi VCLDelphi VCL ComponentsDelphi VCL Components UsingDelphi VCL Components WritingDelphi WebServices SOAPDelphi WinAPIDelphi XMLDelphi Installationcomp.lang.pascal.delphi.components.misccomp.lang.pascal.delphi.components.usagecomp.lang.pascal.delphi.components.writingcomp.lang.pascal.delphi.databasescomp.lang.pascal.delphi.misccomp.sources.delphi JBuilder Newsgroups----------------JBuilderJBuilder AnnouncementsJBuilder Applet IssuesJBuilder As400JBuilder CompilerJBuilder CORBA/RMIJBuilder DatabasesJBuilder DB SwingJBuilder DebuggerJBuilder DeploymentJBuilder DocumentationJBuilder EnterpriseJBuilder HandheldJBuilder IDEJBuilder JavaJBuilder JavaAPIJBuilder Java LanguageJBuilder Java SwingJBuilder Java BeansJBuilder Java Beans UsageJBuilder Java Beans DevelopmentJBuilder JBCLJBuilder JDataStoreJBuilder JobsJBuilder LinuxJBuilder MacintoshJBuilder & MobileSetJBuilder MultiLingual AppsJBuilder Non-TechnicalJBuilder OpenToolsJBuilder Servlets (JSP)JBuilder StudentsJBuilder Team DevelopmentJBuilder Thirdparty ToolsJBuilder UpgradeJBuilder Installation InterBase Newsgroups----------------InterBaseInterBase Bug DiscussionInterBase GeneralInterBase IBConsoleInterBase OpenSourceInterBase ReplicationInterBase SQLInterBase ThirdpartyInterBase Installation Miscellaneous Borland Newsgroups----------------AppCenterAppServerEnteraVisiBroker  You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Powered by phpBB © 2001, 2006 phpBB Group SEO toolkit © 2004-2006 webmedic.