/usr/share/firebird/3.0/security.sql is in firebird3.0-server 3.0.2.32703.ds4-11ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 | /*
* The contents of this file are subject to the Interbase Public
* License Version 1.0 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy
* of the License at http://www.Inprise.com/IPL.html
*
* Software distributed under the License is distributed on an
* "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express
* or implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code was created by Inprise Corporation
* and its predecessors. Portions created by Inprise Corporation are
* Copyright (C) Inprise Corporation.
*
* All Rights Reserved.
* Contributor(s): ______________________________________.
*
* 2004.09.14 Alex Peshkoff - security changes, preventing ordinary users
* from access to other users crypted passwords and enabling modification
* of there own password. Originally suggested by Ivan Prenosil
* (see http://www.volny.cz/iprenosil/interbase/ for details).
*/
/* Domain definitions */
CREATE DOMAIN PLG$PASSWD AS VARCHAR(64) CHARACTER SET BINARY;
CREATE DOMAIN PLG$ID AS INTEGER;
COMMIT;
/* Linger is definitely useful for security database */
ALTER DATABASE SET LINGER TO 60; /* one minute */
COMMIT;
/* Table: RDB$USERS */
CREATE TABLE PLG$USERS (
PLG$USER_NAME SEC$USER_NAME NOT NULL PRIMARY KEY,
PLG$GROUP_NAME SEC$USER_NAME,
PLG$UID PLG$ID,
PLG$GID PLG$ID,
PLG$PASSWD PLG$PASSWD NOT NULL,
PLG$COMMENT RDB$DESCRIPTION,
PLG$FIRST_NAME SEC$NAME_PART,
PLG$MIDDLE_NAME SEC$NAME_PART,
PLG$LAST_NAME SEC$NAME_PART);
COMMIT;
/* VIEW: PLG$VIEW_USERS */
CREATE VIEW PLG$VIEW_USERS (PLG$USER_NAME, PLG$GROUP_NAME, PLG$UID, PLG$GID, PLG$PASSWD,
PLG$COMMENT, PLG$FIRST_NAME, PLG$MIDDLE_NAME, PLG$LAST_NAME) AS
SELECT PLG$USER_NAME, PLG$GROUP_NAME, PLG$UID, PLG$GID, PLG$PASSWD,
PLG$COMMENT, PLG$FIRST_NAME, PLG$MIDDLE_NAME, PLG$LAST_NAME
FROM PLG$USERS
WHERE CURRENT_USER = 'SYSDBA'
OR CURRENT_ROLE = 'RDB$ADMIN'
OR CURRENT_USER = PLG$USERS.PLG$USER_NAME;
/* Access rights */
GRANT ALL ON PLG$USERS to VIEW PLG$VIEW_USERS;
GRANT SELECT ON PLG$VIEW_USERS to PUBLIC;
GRANT UPDATE(PLG$PASSWD, PLG$GROUP_NAME, PLG$UID, PLG$GID, PLG$FIRST_NAME, PLG$MIDDLE_NAME, PLG$LAST_NAME)
ON PLG$VIEW_USERS TO PUBLIC;
COMMIT;
/* Needed record - with PASSWD = random + SHA1 (random + 'SYSDBA' + crypt('masterke')) */
INSERT INTO PLG$USERS(PLG$USER_NAME, PLG$PASSWD, PLG$FIRST_NAME, PLG$MIDDLE_NAME, PLG$LAST_NAME)
VALUES ('SYSDBA', 'NLtwcs9LrxLMOYhG0uGM9i6KS7mf3QAKvFVpmRg=', 'Sql', 'Server', 'Administrator');
COMMIT;
|