Subject Re: [Firebird-Architect] External engines - metadata
Author Adriano dos Santos Fernandes
Vlad Khorsun wrote:
>> It may be when SYSDBA grant language usage to a user.
> I still not understand why we should have such privileges (for language usage).
You not see because you're thinking in a limited environment like
current UDFs, that one need to put binary files in an allowed directory.

We're now doing a extensible plugin architecture, and we don't know how
and what plugins can execute.

>> If plugin tables are owned by SYSDBA, how it will work with tables in
>> user context?
>> Note that security plugin tables should not be accessible to users and
>> classes stored in blobs should only be accessible to who own it.
> Plugin's tables must be acessible at least for read by all users.
I don't thinkg things should be so simple. Not everyone may read .class
files stored in database.

> Only exception is security plugin (hmm... i tought we talked here about external
> engines not about generic plugins ?).
I mean tables controlling security of the plugin, which we discussed
about J2SE security configured in the database.