| Subject | Re: [Firebird-Architect] External engines - security |
|---|---|
| Author | Adriano dos Santos Fernandes |
| Post date | 2007-10-22T15:03:40Z |
Roman Rokytskyy escreveu:
We can have two databases with two different owners, but there is only
one place for UDF (and hence for external procedures).
If a non-privileged user can guess (it could be one well known) the name
of that module, he can use it.
Adriano
>> GRANT USAGE ON LANGUAGE JAVA TO USER NORMAL_USER1 WITH GRANT OPTION;It's not useless. Did you think current UDF security is good then?
>> GRANT USAGE ON LANGUAGE DELPHI TO USER SUPER_USER1;
>>
>
> What exactly benefits do we get with such GRANT?
>
> - This GRANT is useless if SUPER_USER1 does not get a chance to put his
> DLL on the file system after convincing sysdba about the safety of the
> code.
>
We can have two databases with two different owners, but there is only
one place for UDF (and hence for external procedures).
If a non-privileged user can guess (it could be one well known) the name
of that module, he can use it.
Adriano