> On Friday 19 October 2007 15:18, Adriano dos Santos Fernandes wrote:
> > Vlad Khorsun escreveu:
> > >> Vlad Khorsun escreveu:
> > >>>> Certainly, we must have well defined user's rights related with
> > >>>> defining external routines.
> > >>>
> > >>> All we can (and must) to do is define and check
> > >>> CREATE\DECLARE\ALTER\DROP <object> privileges at database level. All
> > >>> other is external to database engine and not an our deal
> > >>
> > >> The rights to declare external procedures/functions should be per
> > >> language.
> > >
> > > Why ?
> >
> > For example, A ISP will not give rights to run Delphi or C++ code in his
> > server, but can give rights to run Java in the database, as he already
> > allows I run Java in the app. server.

ISP should not know on which language given procedure is written.
ISP may allow\disallow you to copy dll into host this is enough.

> > >> So Java language may have more relaxed rights, and the plugin implements
> > >> security based on J2SE.
> > >
> > > I still don't see why we must worry about external rights
> >
> > Again, the ISP allows I run Java in his server because Java is "safe".

Huh ? Java program can't send spam ? Or open socket ?

> > But he don't trust-me, to control his machine.
>
> And Vlad - WHY should grant to CREATE DATABASE mean grant to execute arbitrary
> code on a server? How is it related?

Its not related. At least it must be not related. Where i said contrary ? ;)

Regards,
Vlad