>Perhaps the security problem has more to do with the fact that currently
>only the declaration is compiled in the database (compiled? maybe just
>"stored"..). So a malevolent person could write a trojan horse ib_udf.dll
>or ib_udf.so with bona fide functions replaced by malicious ones with
>identical name and parameters, make it available as a bin download and
>catch a lot of eager SYSDBAs with their pants down.

Udfs are stored into the dbf in system tables, we can by default allow
SYSDBA to add user defined functions to database by changing the privileges
to RDB$FUNCTIONS and RDB$FUNCTION_ARGUMENTS.
I think If a user can't declare a user defined function, and the defined
functions are well programmed and stable there is no security hole.

I think the best way is to allow the descriptor type, it's backguard
compatible and transparent to old udfs.

Toni Martir