On 01/03/12 17:58, Dmitry Yemanov wrote: > 03.01.2012 17:40, Alex Peshkoff wrote: > >> In EXECUTE STATEMENT certainly yes. But I do not understand why should >> external procedure behave like EXECUTE STATEMENT, not like any other >> stored procedure. > We seem to have some misunderstanding :-) >
Definitely. I was talking about ability to grant privileges to the whole external procedure as an object :-) > Both UDRs and EXECUTE STATEMENTs deal with dynamic SQL, not PSQL. > Permissions of internal queries are checked at runtime. They can be > validated against user permissions or caller permissions. EXECUTE > STATEMENT achieves the latter via the WITH CALLER PRIVILEGES clause. > > So what I suggest is exactly how "any other stored procedure" work, as > their PSQL internals also work with the caller privileges. I used > EXECUTE STATEMENT for comparison just because it's also dynamic SQL > executed inside a routine, thus better resembling the UDRs architecture. ------------------------------------------------------------------------------ Write once. Port to many. Get the SDK and tools to simplify cross-platform app development. Create new or port existing apps to sell to consumers worldwide. Explore the Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join http://p.sf.net/sfu/intel-appdev Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
