/usr/share/doc/firebird
Issue: ====== All command-line utilities which support -password parameter are vulnerable to password sniffing, especially when they're run from scripts. Since 2.1, all Firebird utilities replace argv[PASSWORD] with *, but better solution for hiding password from others in process list should be reading it from file or asking for it on stdin. Scope: ====== Security issue. Document author: ================= Alex Peshkov (peshkoff@mail.ru) Document date: 2008-11-30 ============== All utilities have new switch -fetch_password which may be abbreviated according with utility rules. The exception is QLI, where -F should be used. Switch has required parameter - name of file with password. I.e.: isql -user sysdba -fet passfile server:employee will load password form file "passfile", using its first line as password. One can specify "stdin" as file name to make password be read from stdin. If stdin is terminal, prompt: Enter password: will be printed. For posix users - if you specify '-fetch /dev/tty' you will also be promted. This may be useful if you need to restore from stdin: bunzip2 -c emp.fbk.bz2 | gbak -c stdin /db/new.fdb -user sysdba -fetch /dev/tty
.
Edit
..
Edit
CHANGELOG.md
Edit
Firebird-3-QuickStart.pdf
Edit
Firebird-4.0.6-ReleaseNotes.pdf
Edit
IDPLicense.txt
Edit
IPLicense.txt
Edit
README.DiskSpaceAllocation
Edit
README.Fedora
Edit
README.IPv6
Edit
README.NTSecurity
Edit
README.Optimizer.txt
Edit
README.SecureRemotePassword.html
Edit
README.Win32LibraryInstallation.txt
Edit
README.Win9X_NT_embedding
Edit
README.build.macosx.md
Edit
README.build.mingw.html
Edit
README.build.msvc.html
Edit
README.build.posix.html
Edit
README.coding.style
Edit
README.connection_string_charset.txt
Edit
README.connection_strings
Edit
README.external_routines.txt
Edit
README.fb_cancel_operation
Edit
README.fb_shutdown
Edit
README.fbsvcmgr
Edit
README.garbage_collector
Edit
README.gbak
Edit
README.incompatibilities.3to4.txt
Edit
README.incompatibilities.txt
Edit
README.instsvc
Edit
README.intl
Edit
README.isql_enhancements.txt
Edit
README.makefiles
Edit
README.md
Edit
README.modern_cpp.md
Edit
README.monitoring_tables
Edit
README.online_validation
Edit
README.performance_monitoring
Edit
README.plugins.html
Edit
README.providers.html
Edit
README.raw_devices
Edit
README.read_consistency.md
Edit
README.read_password_from_file
Edit
README.replication.md
Edit
README.security_database.txt
Edit
README.services_extension
Edit
README.session_idle_timeouts
Edit
README.sha1
Edit
README.statement_timeouts
Edit
README.superclassic
Edit
README.trace_services
Edit
README.transaction_at_snapshot.md
Edit
README.trusted_authentication
Edit
README.user.embedded
Edit
README.user.troubleshooting
Edit
README.wire.compression.html
Edit
README.xnet
Edit
sample
Edit
sql.extensions
Edit
udf_replace.sql
Edit
udf_replace.txt
Edit