Subject | Re: [Firebird-Architect] External engines - metadata |
---|---|
Author | Adriano dos Santos Fernandes |
Post date | 2007-10-19T10:48:16Z |
Vlad Khorsun escreveu:
So Java language may have more relaxed rights, and the plugin implements
security based on J2SE.
But user having CREATE DATABASE rights may not mean he can control the
server.
Probably a SYS user/role would be better.
Adriano
>> Certainly, we must have well defined user's rights related with definingThe rights to declare external procedures/functions should be per language.
>> external routines.
>>
>
> All we can (and must) to do is define and check CREATE\DECLARE\ALTER\DROP
> <object> privileges at database level. All other is external to database engine and
> not an our deal
>
So Java language may have more relaxed rights, and the plugin implements
security based on J2SE.
>Agreed.
>> Without it we can easily return to problems, when any user
>> with valid FB login may execute any code in context of firebird server. For
>> example, if any user would be able to create database (becoming it's owner)
>>
>
> Here we have a real problem - we must define and check privileges for
> CREATE DATABASE at engine instance level.
But user having CREATE DATABASE rights may not mean he can control the
server.
Probably a SYS user/role would be better.
Adriano