Subject | Re: [Firebird-Architect] External engines - metadata |
---|---|
Author | Alex Peshkov |
Post date | 2007-10-19T10:07:11Z |
On Friday 19 October 2007 14:48, Adriano dos Santos Fernandes wrote:
> Vlad Khorsun escreveu:Adriano, completely agreed with you in both points.
> >> Certainly, we must have well defined user's rights related with defining
> >> external routines.
> >
> > All we can (and must) to do is define and check
> > CREATE\DECLARE\ALTER\DROP <object> privileges at database level. All
> > other is external to database engine and not an our deal
>
> The rights to declare external procedures/functions should be per language.
>
> So Java language may have more relaxed rights, and the plugin implements
> security based on J2SE.
>
> >> Without it we can easily return to problems, when any user
> >> with valid FB login may execute any code in context of firebird server.
> >> For example, if any user would be able to create database (becoming it's
> >> owner)
> >
> > Here we have a real problem - we must define and check privileges for
> > CREATE DATABASE at engine instance level.
>
> Agreed.
>
> But user having CREATE DATABASE rights may not mean he can control the
> server.
>
> Probably a SYS user/role would be better.