On 07/27/11 17:10, Adriano dos Santos Fernandes wrote: > From FB POV, signed code for sysadmin means nothing. Sysadmin should > just be able to put files where it wants and like UDFs, if it's in the > right place it should be used. > > What I see good about code signing is that sysadmin could delegate code > installation to others users (or just the DBA) from remote*. > > So the certificate (public key) is put on the server, and anyone able to > sign the binaries with the correspondent private key are good people.
I like the idea. > * In the Java plugin, users can install code (in the database) from > client application or from already installed external routines. These > external routines are just wrappers with runs the same client code, but > now in the server. As long as mentioned restrictions (browser-like mode) are applied, there is no big need to sign Java code. ------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don't ask for help often. Plus, you'll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
