InterBase Security Best Practices

By: Gabe Goldfield

Abstract: Ensure that admin.ib is not accessible to users who are not granted root access

Issue: A number of security sites including Secunia and others have pointed to the potential for malicious local users to gain escalated privileges for InterBase on Linux and Solaris systems.

Specific issue: When InterBase is installed on Linux and Solaris, read write permission for admin.ib is enabled for all users.

Solution: Best security practices require the administrator to set permissions appropriately immediately after installation. The most secure posture is to set permission so that only 'root' user has read/write privileges.

Procedure:

  1. Log in as root user.
  2. Navigate to the InterBase home directory
  3. chmod 600 admin.ib
  4. ls -l admin.ib
Permissions should now look like this: -rw------- 1 root root 616497 Mar 22 11:17 /opt/interbase/admin.ib

Note to database administrators: Additional security is achieved when the Interbase directory and its subdirectories are owned by 'root' user and have the permissions set to 755.

  Latest Comments  View All Add New RSS ATOM

Move mouse over comment to see the full text

Could not retrieve comments. Please try again later.
   

Rating

Server Response from: ETNASC04

Copyright© 1994 - 2013 Embarcadero Technologies, Inc. All rights reserved..    Site Map