| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 |
- Issue:
- ======
- If the LocalSystem user is allowed to install the Firebird Service,
- it could make the whole system accessible to a malicious attacker.
- Scope:
- ======
- Affects Windows NT platforms.
- Document author:
- =================
- Alex Peshkov ([email protected])
- Document date: 2003/06/22
- ==============
- Firebird installation kits for Windows NT systems, i.e. those that
- support services, currently provide a route into the host system
- for any hacker who finds a new security hole in Firebird. All of
- the current kits install the Firebird service to run under the
- LocalSystem account. Through Firebird, the attacker can get
- LocalSystem access to the system.
- The steps to fix things manually are simple:
- 1) add the user 'firebird' as a member of the Domain users group,
- with default rights
-
- 2) grant this user write access to all databases, including
- security2.fdb (isc4.gdb in pre-1.5 versions), and the
- firebird.log file
- 3) grant the user 'firebird' rights to "Login as service"
- 4) make the Firebird services (FirebirdServer and FirebirdGuardian,
- if used, log in with username 'firebird'
- Solution:
- =========
- Alex Peshkov
- People writing installers should note that Firebird's standard routine
- to install and manage the Firebird Service on WinNT/2000/XP platforms
- (instsvc.exe) was upgraded in version 1.5 by the addition of an
- optional L[ogin] switch to the {install} command. It is strongly
- recommended that you employ this switch in the Windows kits, to make
- the 'firebird' user, not LocalSystem, the default account under which
- the Firebird Service logs in.
- For more details, see the document README.instsvc
- switch to (see instsvc.exe).
|
