On 20/05/2016 05:32, Mark Rotteveel wrote: > Yes it can, but for example the client library (and embedded engine) is > already loaded because that is used by FB/Java itself, so it is available. > > It might be possible to restrict access, but I don't know the Java > SecurityManager well enough to answer that. It might be possible to do > some ClassLoader magic to restrict access to the loaded library, and > then deny access to load it again from other parts, but as the Java code > also most be able to get the 'default' connection (access to the current > connection), that might not be feasible. > > That's not the problem, permissions already work.
But FB/Java cannot verify user names and passwords. That is Firebird task and it is avoiding to do it in this needed case. Adriano ------------------------------------------------------------------------------ Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
