Subject Re: [IB-Architect] Re: Nailing down the external file problem.
Author Paul Reeves
julian@... wrote:
> As I see it the parts that map logical to operating system names would
> go into the the security database and the other parts would be DB
> specific (and be stored in the database files).

I like the overall idea behind what you are suggesting, but the seem to be two

The security database is probably not a good place to put things. It is a well
known weakness that a user who has access to the server in some way can replace
the security database with one of their own.

Secondly, each platform is slightly different - with differing file names and
locations for sensitive files. It would require a degree of work to ensure that
each server on a particular platform knew which objects should be secure. Not
impossible but vulnerable to changes made as operating systems evolve.


Paul Reeves
taking InterBase further