I did not know what its behaviour was in regards to alreday existing tables. If it does not clobber, than not a bad thing. I wonder if an appropriate "lockdown" would be to rig it so that it can only be run from localhost? And/or require the system root password as a parameter? I am thinking about what would happen if some kid tried it for a lark.
Regards, Steve
Michael Nash JGlobal.com wrote:
Steve:
Good idea to lock the model down, but we'll still need some way to run it as a special exception if you're logging in via the svc-authentication/authorization-persist. Of course, we could use a combo of svc-authentication-config and svc-authentication-persist, that way a basic username for createdb could be right in the configuration.
OTOH, running createdb is pretty harmless, actually - it never deletes anything, only creates it if it isn't there, so it's not the worst in terms of security problems.
Mike
-- Java/J2EE Developer/Integrator Co-Chair, Dallas/FortWorth J2EE Sig 214-724-7741
http://keelframework.org/documentation Keelgroup mailing list [EMAIL PROTECTED] http://lists.keelframework.com/listinfo.cgi/keelgroup-keelframework.com
