| Subject | Re: [Firebird-Architect] External engines - security |
|---|---|
| Author | Adriano dos Santos Fernandes |
| Post date | 2007-10-19T13:48:58Z |
Vlad Khorsun escreveu:
AFAIK, FB is not near success in ISP's, where MySQL dominates.
What I'm proposing is not good only for this type, but is proper
security in general.
Do we want the lack (for create database, backup, and everything except
insert/execute/select/delete) of FB security in this new area too?
We don't need to show source code to say that something will not do bad
things.
You certainly understand what I'm talking.
SysAdmin can trust my Java code to run in *his* configured sandbox, but
not my binary code.
each DB user) can also have different security policies.
Adriano
>> This is plugin responsabillity.No.
>>
>
> And its forced us to re-invent many wheels already implemented at filesystem
> security level
>
>It should be usable.
>
>> That's one task for DBMS_JAVA-like package that I want in FB.
>>
>
> Take some ideas from other DBMSs is a good practice. But only when we
> take really good ideas ;) Or i can said another - not all things good for Oracle
> good for Firebird also ;)
>
> I just don't want to make FB more complex that it absolutely needed.
>
AFAIK, FB is not near success in ISP's, where MySQL dominates.
What I'm proposing is not good only for this type, but is proper
security in general.
Do we want the lack (for create database, backup, and everything except
insert/execute/select/delete) of FB security in this new area too?
> My point is that this is sysadmin's responsibility to not let suspect codeThis is not how things works in Java, sorry.
> into his system
>
We don't need to show source code to say that something will not do bad
things.
> What is "site" in your analogue ? OCX == external code (non SQL procedure),Sorry, but I'll not comment this. :-)
> computer == computer ;) applets == external code (non SQL procedure) but what
> is a "site" ? And applets executed in\by browser (== firebird ?), not in computer.
>
You certainly understand what I'm talking.
SysAdmin can trust my Java code to run in *his* configured sandbox, but
not my binary code.
>Security by obscurity, right? :-)
>> But it runs in fbserver space, no? How can fbserver be allowed to write
>> to filesystem then?
>>
>
> In properly tuned system fbsever allowed to write at very limited palces in FS.
> And only sysadmin know where this places are. And sysadmin may change it
> as he(she) needed. Any other code executed inside fbserver don't know this
> places too. Thus it can't write into FS
>
>> Sorry, but I'm not understand your question about J2SE security andYes, each process loads one JVM and AFAIK, each ClassLoader (one for
>> fbserver.exe.
>>
>
> Can one tune J2SE security on per-process basis ? I.e. - allow some process
> to do something (load java class and run it, for example). Or how it is worked ?
each DB user) can also have different security policies.
Adriano