Subject Re: [Firebird-Architect] External engines - metadata
Author Adriano dos Santos Fernandes
Jim Starkey wrote:
> Adriano dos Santos Fernandes wrote:
>
>> Jim Starkey wrote:
>>
>>
>>>> For example, A ISP will not give rights to run Delphi or C++ code in his
>>>> server, but can give rights to run Java in the database, as he already
>>>> allows I run Java in the app. server.
>>>>
>>>>
>>>>
>>>>
>>>>
>>> Then your ISP is stupid. And stupidity should not drive database
>>> architecture.
>>>
>>>
>> Elaborate, please?
>>
>> Seems you're using the same Vlad arguments of security by obscurity,
>> where user (that define external procedures) doesn't know database
>> filenames, for example?
>>
>>
>>
>>
>
> Sorry.
>
> What I should have said is that Java is no less computationally complete
> than C, C++, Delphi, or anything else. Java has more than a fair bit of
> internal security, but most of it is to protect a host computer from an
> applet. An ISP who believes that Java can't send spam, spoof DNS
> servers, or other evil things is dangerously ill-informed. In an applet
> context, Java's ability to do these things is serverely restriction (it
> can't, for example, open a socket to any node other than from where it
> downloaded), but on standalone, Java is unlimited in its capacity for
> evil or good.
No, Jim.

The same security (or a more "restricted") imposed to applets may be
imposed to a standalone Java application.


Adriano