On 19-5-2016 19:42, Dimitry Sibiryakov wrote: > 19.05.2016 19:32, Mark Rotteveel wrote: >> I think Adriano is taking about the fact that someone from Java code running >> inside >> Firebird would be able to make an embedded connection to any database >> running on the same >> server. That is a totally different security threat than the capability that >> a normal Java >> program with Jaybird has (as it is either not running on a Firebird server, >> or with an >> (OS) user that doesn't have access to those databases). > > Is there a way to prevent Java applet from using anything from out of > database (other > applets, native libraries and so on)?
In Java, you can use a SecurityManager and a 'policy' to restrict actions. It is rather complex and I would guess that a lot of Java developers likely have never written security manager related code (I myself haven't). In this case it might be possible to have jaybird check permissions per JDBC URL. However, I'm not sure what impact adding such a change would have on users of Jaybird that do use a SecurityManager. Mark -- Mark Rotteveel ------------------------------------------------------------------------------ Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
