On Thu, 28 Jul 2011 10:44:06 +0400, Alex Peshkoff <peshk...@mail.ru> wrote: > On 07/27/11 17:10, Adriano dos Santos Fernandes wrote: >> From FB POV, signed code for sysadmin means nothing. Sysadmin should >> just be able to put files where it wants and like UDFs, if it's in the >> right place it should be used. >> >> What I see good about code signing is that sysadmin could delegate code >> installation to others users (or just the DBA) from remote*. >> >> So the certificate (public key) is put on the server, and anyone able to
>> sign the binaries with the correspondent private key are good people. > > I like the idea. > >> * In the Java plugin, users can install code (in the database) from >> client application or from already installed external routines. These >> external routines are just wrappers with runs the same client code, but >> now in the server. > > As long as mentioned restrictions (browser-like mode) are applied, there > is no big need to sign Java code. In general for Java (if you look at applets and Java WebStart), signed code (with a trusted certificate) is allowed more privileges than unsigned/untrusted code. Maybe a similar construct is useful for privilege escalation where a specific parts of Java code needs more access (eg local filesystem access, or access to other hosts, etc). ------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don't ask for help often. Plus, you'll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
