Øystein Grøvlen wrote: >>>>>>"SB" == Satheesh Bandaram <[EMAIL PROTECTED]> writes: > > > SB> Now I understand what you mean by this... after reading > SB> Oystein's question. Current proposal only has EXECUTE > SB> privilege to allow executing procedures and functions. Creator > SB> of the routine can define if that needs to be executed as the > SB> invoker or the definer. > > I think restricting the privilege to create stored procedures are a > much more effective way of prohibiting stored procedures with > malicious code than any attempt to limit access to the internal data > structure of a Derby class.
True, but as with any system security is a result of a number of restrictions, not a single one. Even with correct authentication and authorization set up, my itch is to ensure: - allowing third-party server-side code within Derby should be an understandble risk to the database owner. - allowing a third party Derby based application on a machine should should be an understandble risk to the system owner. Dan.
