File Permissions and Ownership in MaxDB
---------------------------------------

MaxDB tries to protect your system by having all MaxDB-related files
belong to user 'sdb' and group 'sdba'. User sdb should not be allowed
to log in interactively on your system.

The MaxDB communication server must be able to access all database
instances below /var/lib/maxdb, as long as they belong to the sdb
user, while you remain free to choose the permissions of your database
directories. For this reason the communication server needs to be
started as root (it will switch immediately to user sdb, group sdba
once it has finished its group initialization).

To allow any member of the database administrator group to start the
MaxDB communication server, its startup program needs to be setuid
root. To protect the setuid-root executable from unauthorized access,
it is located in a directory accessible only to members of the sdba
group.


The setuid-root executable 'dbmverifypw' is used if a remote user tries
to create a database instance. To be able to create a new database, a
remote user must be a member of the sdba group and must authenticate
at the operating system level. For this, the password/shadow file
must be read, which usually only root can do. However, there are no
MaxDB processes running as root at this time, and therefore the sole
purpose of dbmverifypw is to retrieve the encrypted password from the
password file. Again, this executable is only available to members of
the sdba group.

 -- Martin Kittel <debian@martin-kittel.de>, Tue Mar 16 19:07:56 2004
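
An added example, not part of the original README or of the MaxDB
packaging: a Python audit that lists setuid files which no directory
restricted to the admin group shields from other users, i.e. the layout
described above for the communication server starter and dbmverifypw.
The tree to scan is passed on the command line because this README does
not give the install path; the function names are hypothetical.

```python
# Added example (not MaxDB or Debian packaging code).
import grp
import os
import stat
import sys


def dir_is_gate(st, admin_gid):
    """True if 'others' cannot enter the directory and any group entry right
    belongs to the admin group (the search/x bit controls access to entries)."""
    others_blocked = not st.st_mode & stat.S_IXOTH
    group_ok = st.st_gid == admin_gid or not st.st_mode & stat.S_IXGRP
    return others_blocked and group_ok


def audit_suid_tree(root, admin_gid, suid_uid=0):
    """Return sorted paths of setuid files owned by suid_uid that no
    directory between root and the file shields from non-admin users."""
    root = os.path.abspath(root)
    gated = {}  # directory -> True if it or an ancestor (from root down) is a gate
    exposed = []
    for dirpath, _dirnames, filenames in os.walk(root):
        parent_gated = gated.get(os.path.dirname(dirpath), False)
        gated[dirpath] = parent_gated or dir_is_gate(os.stat(dirpath), admin_gid)
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: never follow symlinks to other files
            is_suid = stat.S_ISREG(st.st_mode) and bool(st.st_mode & stat.S_ISUID)
            if is_suid and st.st_uid == suid_uid and not gated[dirpath]:
                exposed.append(path)
    return sorted(exposed)


if __name__ == "__main__":
    # Usage (as root, so gated directories can be read): audit.py TREE [GROUP]
    tree = sys.argv[1]
    group = sys.argv[2] if len(sys.argv) > 2 else "sdba"  # group name from the README
    findings = audit_suid_tree(tree, grp.getgrnam(group).gr_gid)
    for path in findings:
        print("setuid-root file reachable outside group %s: %s" % (group, path))
    sys.exit(1 if findings else 0)
```

Only directories from the given tree downwards are considered, so a
restriction on a directory above the tree is not credited.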
