This is really a general UDF problem and another reason why you need to
be very careful about deploying them. The only difference between an
embedded function and UDF one is that theoretically a System Admin
should check the UDF before installing it....

Otherwise, it has the same potential to damage.

On 27/07/11 12:40, Alex Peshkoff wrote:
>  On 07/27/11 15:11, Tony Whyman wrote:
>> 6. Just in time compilation of the embedded procedure on first use
>> (after create/alter) into a shared library/DLL which is then effectively
>> a dynamically generated UDF library. A JIT approach is important because
>> the database can be moved between processor architectures/platforms and
>> it is important to be able to recompile automatically for the new platform.
> Before doing JIT, we must think about related security issues. How can
> we prevent pascal procedure from doing bad things with firebird runuser
> access rights?
>
>
> ------------------------------------------------------------------------------
> Got Input?   Slashdot Needs You.
> Take our quick survey online.  Come on, we don't ask for help often.
> Plus, you'll get a chance to win $100 to spend on ThinkGeek.
> http://p.sf.net/sfu/slashdot-survey
> Firebird-Devel mailing list, web interface at 
> https://lists.sourceforge.net/lists/listinfo/firebird-devel

------------------------------------------------------------------------------
Got Input?   Slashdot Needs You.
Take our quick survey online.  Come on, we don't ask for help often.
Plus, you'll get a chance to win $100 to spend on ThinkGeek.
http://p.sf.net/sfu/slashdot-survey
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Reply via email to