21.03.2014 01:38, Claudio Valderrama C. wrote: > - Linking user tables to sys tables (FK) should be forbidden (I didn't try, > but if it works, it shouldn't).
Sys tables don't have PK/UK constraints (only unique indices), so FKs cannot be created. > - User code should not fiddle with sys generators (I think Dmitry achieved > that with ACLs on generators). No, ACLs don't help here. I think users should be able to query sys generators, but don't increment/reset them. This should be checked at runtime like you did in VIO for sys tables. > - Taking exclusive lock on sys tables from DML should be forbidden, except > for sysdba: > select * from <sys_table> for update with lock; => disaster? > Of course, we should check all options in the TPB, too. Please forbid that for everyone, including SYSDBA. > Probably, the super user should be given the possibility of messing > everything at will if it activates a flag. From this POV, checking rights in > code is (for me) more flexible than a set of ACLs for sys tables. I disagree that super user should have power of breaking the system schema. Dmitry ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel