2008-11-30 18:34:18 +01:00
|
|
|
Issue:
|
|
|
|
|
======
|
|
|
|
|
All command-line utilities which support -password parameter are
|
|
|
|
|
vulnerable to password sniffing, especially when they're run from
|
|
|
|
|
scripts. Since 2.1, all Firebird utilities replace argv[PASSWORD]
|
|
|
|
|
with *, but better solution for hiding password from others in
|
|
|
|
|
process list should be reading it from file or asking for it on
|
|
|
|
|
stdin.
|
|
|
|
|
|
|
|
|
|
Scope:
|
|
|
|
|
======
|
|
|
|
|
Security issue.
|
|
|
|
|
|
|
|
|
|
Document author:
|
|
|
|
|
=================
|
|
|
|
|
Alex Peshkov (peshkoff@mail.ru)
|
|
|
|
|
|
|
|
|
|
Document date: 2008-11-30
|
|
|
|
|
==============
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
All utilities have new switch
|
|
|
|
|
-fetch_password
|
2008-12-01 02:26:27 +01:00
|
|
|
which may be abbreviated according with utility rules.
|
2008-11-30 18:34:18 +01:00
|
|
|
The exception is QLI, where -F should be used.
|
|
|
|
|
|
|
|
|
|
Switch has required parameter - name of file with password. I.e.:
|
|
|
|
|
isql -user sysdba -fet passfile server:employee
|
2008-12-01 02:26:27 +01:00
|
|
|
will load password form file "passfile", using its first line
|
2008-11-30 18:34:18 +01:00
|
|
|
as password.
|
|
|
|
|
|
|
|
|
|
One can specify "stdin" as file name to make password be read
|
|
|
|
|
from stdin. If stdin is terminal, prompt:
|
|
|
|
|
Enter password:
|
|
|
|
|
will be printed.
|
|
|
|
|
|
|
|
|
|
For posix users - if you specify '-fetch /dev/tty' you will also
|
|
|
|
|
be promted. This may be useful if you need to restore from stdin:
|
|
|
|
|
bunzip2 -c emp.fbk.bz2 | gbak -c stdin /db/new.fdb -user sysdba -fetch /dev/tty
|
