Em 19/05/2016 14:42, Dimitry Sibiryakov escreveu: > 19.05.2016 19:32, Mark Rotteveel wrote: >> I think Adriano is taking about the fact that someone from Java code running >> inside >> Firebird would be able to make an embedded connection to any database >> running on the same >> server. That is a totally different security threat than the capability that >> a normal Java >> program with Jaybird has (as it is either not running on a Firebird server, >> or with an >> (OS) user that doesn't have access to those databases). > > Is there a way to prevent Java applet from using anything from out of > database (other > applets, native libraries and so on)? >
Java code runs in the database by default in the same manner it runs in browser without you knowing: cannot do what you don't allow. But if it can connect to java-security.fdb database without password with embedded, it can bypass security. Adriano ------------------------------------------------------------------------------ Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
