> On 10/10/11 11:53, Vlad Khorsun wrote:
>>> At the first glance it's possible to avoid loading trigger's body with
>>> WHEN clause.
>> Should we check permissions of trigger's code ? If yes - we will load
>> it anyway at query (insert\update\delete) prepare time.
>
> We should not check permissions of trigger in that case. Imagine clause:
>
> WHEN CURRENT_USER != 'SYSDBA'
If such clause is inside trigger code then it not affects security checks
and
*whole* trigger code is checked. SQL standard says something about security
checks for conditional triggers ?
Regards,
Vlad
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
