|Subject||Re: [Firebird-Architect] External engines - metadata|
> Vlad Khorsun escreveu:We have no agreement java classes must be stored inside DB.
> >>> For example, A ISP will not give rights to run Delphi or C++ code in his
> >>> server, but can give rights to run Java in the database, as he already
> >>> allows I run Java in the app. server.
> > ISP should not know on which language given procedure is written.
> > ISP may allow\disallow you to copy dll into host this is enough.
> If your are talking about plugins implemented in Delphi/C++, yes.
> But here we're talking about Java, no? :-)
> Plugin is DLL, but user code is classes.
> >>>>> So Java language may have more relaxed rights, and the plugin implementsHow J2SE security is worked ? Is it enough to (dis)allow execute some
> >>>>> security based on J2SE.
> >>>> I still don't see why we must worry about external rights
> >>> Again, the ISP allows I run Java in his server because Java is "safe".
> > Huh ? Java program can't send spam ? Or open socket ?
> Another reason to integrate J2SE security with database users/roles in
> the plugin.
java code by fbserver.exe ?
> Haven't you saying the contrary? ;-)No ;)
> >>> But he don't trust-me, to control his machine.For native code its called DEP - data execution prevention. And it have no
> >> And Vlad - WHY should grant to CREATE DATABASE mean grant to execute arbitrary
> >> code on a server? How is it related?
> > Its not related. At least it must be not related. Where i said contrary ? ;)
> If plugin allows to send binary data to blob and then execute what is in
> the blob, it can.
relation with database engine security. I see no good reason to make exceptions
for java or any other language