Subject Re: [Firebird-Architect] External engines - metadata
Author Vlad Khorsun
> Vlad Khorsun wrote:
>>> It may be when SYSDBA grant language usage to a user.
>> I still not understand why we should have such privileges (for language usage).
> You not see because you're thinking in a limited environment like
> current UDFs, that one need to put binary files in an allowed directory.

And nobody get the reasons why it is not enough for Java

> We're now doing a extensible plugin architecture, and we don't know how
> and what plugins can execute.

GRANT EXECUTE is not enough ?

Adriano, define please goals, problems and only after - possible solutions.
Else we never understand each other

>>> If plugin tables are owned by SYSDBA, how it will work with tables in
>>> user context?
>>> Note that security plugin tables should not be accessible to users and
>>> classes stored in blobs should only be accessible to who own it.
>> Plugin's tables must be acessible at least for read by all users.
> I don't thinkg things should be so simple. Not everyone may read .class
> files stored in database.

What .class files ? In my database there are no .class files ;)

>> Only exception is security plugin (hmm... i tought we talked here about external
>> engines not about generic plugins ?).
> I mean tables controlling security of the plugin, which we discussed
> about J2SE security configured in the database.

See above. I don't want discuss details of something on which there are
no agreement.