On 07/27/11 16:42, ik wrote: > On Wed, Jul 27, 2011 at 15:35, Tony Whyman > <tony.why...@mccallumwhyman.com>wrote: > >> This is really a general UDF problem and another reason why you need to >> be very careful about deploying them. The only difference between an >> embedded function and UDF one is that theoretically a System Admin >> should check the UDF before installing it.... >> >> Otherwise, it has the same potential to damage. >> > If you have a programming language compiler or interpretor at hand, the last > security hole will be the UDF because I can do what ever I want with a > programming language :) >
Yes - and this is the main security problem when trying to use generic languages instead PL/SQL. > If people have access to firebird and load malicious shard library, then it > does not matter anymore, because firebird does not contain a specific shared > library structure, but use the OS to load it and execute the code. > > Firebird should create a lot of mechanises to protect of loading UDF, but > once you passed them, there is not much that can be done imho. > Since FB 1.5 that mechanism exists - by default one can execute UDFs only from $FbRoot/UDF directory, and noone except root can add files to it. Certainly, it can be broken with invalid access rights in filesystem or bad firebird.conf (like almost everyone security system). ------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don't ask for help often. Plus, you'll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
