| Subject | Re: [IB-Architect] Trigger Classes |
|---|---|
| Author | Jim Starkey |
| Post date | 2001-10-24T16:11:55Z |
At 04:39 PM 10/24/01 +0100, Ivan Prenosil wrote:
security restrictions, so I haven't provided for any. In a more
general context, it is well worth considering. The idea of a
malicious programmer turning off auditing triggers isn't very
nice, but then neither is the idea of a malicious programmer
with write access.
Extending the concept with access control would require declaration
of trigger classes, which I omitted out of sheer laziness over
Ann's objections. She would almost certainly browbeat any Firebird
developer into doing so.
Jim Starkey
>> From: Jim StarkeyThe Netfrastructure application environment doesn't really need
>>
>> The disable statement disables triggers of the given name for
>> either the duration of connection or until the trigger class
>> is explicitly enabled with the enable trigger class statement.
>>
>> Trigger classes are not explicitly declared, just used.
>
>Is trigger_class enabling/disabling restricted to table owner,
>or is there some way how to restrict this functionality
>to selected users (something like "grant class_name to user ...") ?
>
security restrictions, so I haven't provided for any. In a more
general context, it is well worth considering. The idea of a
malicious programmer turning off auditing triggers isn't very
nice, but then neither is the idea of a malicious programmer
with write access.
Extending the concept with access control would require declaration
of trigger classes, which I omitted out of sheer laziness over
Ann's objections. She would almost certainly browbeat any Firebird
developer into doing so.
Jim Starkey