> On Mon, Jun 30, 2003 at 08:34:44AM -0500, Krister Lagerstrom wrote:
>> What would the security hole consist of, other than the user deleting
>> his own tables?
>
> Mainly, yeah. And you're correct, subselects are allowed, though
> that's not something I would want to cripple, because, coming from
> MySQL, and using PostgreSQL, I know how much cooler subselects are.
It would be nice if the security is layered outside of the database and
the queries. I don't think it will be possible/desireable to parse all SQL
queries to find "bad" code. It is better to restrict access to the machine
instead.
I've never seen SQLite before you started working on it, but I'm pretty
impressed by what it claims to do and that it is so easy to integrate with
Freevo. I've used MySQL/Python a bit, and while it is powerful I'd never
want to make MySQL a requirement for the basic Freevo functions due to
install/setup issues.
SQLite on the other hand could easily be made part of the standard Freevo
setup IMHO. For instance, it looks like a pretty elegant solution to the
problem of displaying 10000 MP3 songs that the user put in a single
folder...
/ Krister
-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Freevo-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/freevo-devel
