Subject Re: [Firebird-Architect] Re: User name SYSDBA
Author Helen Borrie
At 10:30 AM 9/08/2005 +0400, you wrote:
>"Roman Rokytskyy" <rrokytskyy@...> wrote:
> >
> > The main question is how the permissions are determined during request
> > execution. Currently this is performed during statement compilation
> > and it seems that moving permission checks to the execution time
> > without degrading the performance is not an easy task.
>The question is not whether it can be done at the execution time but whether
>it should be. IIRC, the SQL spec explicitly requires permissions to be
>checked at the prepare time. And it makes a lot of sense to me.

Me too. I've been really struggling to understand why it would ever be
necessary (or even rational) to defer authorisation until execution
time. AFAIK, even ExecuteImmediate has an implicit Prepare that pre-empts
an unauthorised execution request.