On Wed, 08 Jan 2014 19:13:02 +0400, Alex <peshk...@mail.ru> wrote: > On 01/07/2014 01:11 PM, marius adrian popa wrote: >> Notes on database security assesment >> http://www.slideshare.net/qqlan/firebird-interbase-database-engine-hacks-or-rtfm >> > > I see 2 kinds of samples - mixed DDL/DML statements and use of UDF. > > It's well known and documented (can't provide a link but as far as I > remember it's documented) fact that DDL/DML mix is not what makes > firebird behave well. Anyway: > > $ ./isql employee -u sysdba ## it's fb3 and use of embedded access > SQL> set autoddl off; > SQL> ALTER DATABASE ADD DIFFERENCE FILE 'filename'; > SQL> ALTER DATABASE BEGIN BACKUP; > SQL> INSERT INTO country values ('aa', 'bb'); > SQL> commit; ... > aa bb > > SQL> > > I see no lockout. And without "set autoddl off" also (certainly) no > lockout.
I think he means you can create a file anywhere on the file system (ie in a webserver directory) with a relatively high level of control of what gets into it. Mark ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
