>>>>> "RH" == Rick Hillegas <[EMAIL PROTECTED]> writes:
RH> These are useful checks. It reminds me of how vulnerable we are given
RH> all the ways that users can inject code into the database. A malicious
RH> or buggy function/procedure/aggregate/adt/vti could probably find a
RH> way to mount a denial of service attack. Our user documentation should
RH> point out the importance of tightly restricting who can inject
RH> code. As you note, GRANT/REVOKE will be our first line of defense.
Does the current GRANT/REVOKE work include a specific privilege for
creating stored procedures?
--
Øystein
