This is really a general UDF problem and another reason why you need to be very careful about deploying them. The only difference between an embedded function and UDF one is that theoretically a System Admin should check the UDF before installing it....
Otherwise, it has the same potential to damage. On 27/07/11 12:40, Alex Peshkoff wrote: > On 07/27/11 15:11, Tony Whyman wrote: >> 6. Just in time compilation of the embedded procedure on first use >> (after create/alter) into a shared library/DLL which is then effectively >> a dynamically generated UDF library. A JIT approach is important because >> the database can be moved between processor architectures/platforms and >> it is important to be able to recompile automatically for the new platform. > Before doing JIT, we must think about related security issues. How can > we prevent pascal procedure from doing bad things with firebird runuser > access rights? > > > ------------------------------------------------------------------------------ > Got Input? Slashdot Needs You. > Take our quick survey online. Come on, we don't ask for help often. > Plus, you'll get a chance to win $100 to spend on ThinkGeek. > http://p.sf.net/sfu/slashdot-survey > Firebird-Devel mailing list, web interface at > https://lists.sourceforge.net/lists/listinfo/firebird-devel ------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don't ask for help often. Plus, you'll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel