Re: Using File I/O within SPL

From: Jack Parker <vze2qjg5_at_verizon.net>
Date: Sat, 23 Jun 2001 02:52:43 GMT
Message-ID: <3B3403A9.DE158ECA_at_verizon.net>

Lee Miller wrote:
>
> "Jack Parker" <vze2qjg5_at_verizon.net> wrote in message
> news:3B2E8473.5F16AD63_at_verizon.net...
> > I can see instances where this has occurred. What is to stop a
> > malicious user from writing their own SPL to overwrite one of these
> > output files? Since they are written by the shadow process and not by
> > the user id there is no protection for the file.
>
> create procedure permission (or lack thereof) prohibits people from creating
> malicious stored procedures.

Isn't this like taking the engine out of the car that is being bought? What is the point of purchasing the product if you can't use stored procedures?

>
> grant create procedure to <username>;
> revoke create procedure from <username>;
>
> It is not granted by default. (Although it may be inherited from a role)

-- 
"You got to make yourself have a good time, 
that's what it is, 
because there ain't nobody else going to do it for you." 
                   - Mail(wo)man

Received on Sat Jun 23 2001 - 04:52:43 CEST

This message: [ Message body ]
Next message: Jack Parker: "Re: Using File I/O within SPL"
Previous message: Marcin: "Database link not active - problem in setting up replication while using Named Pipes protocol"
Maybe in reply to: Jack Parker: "Using File I/O within SPL"
In reply to Lee Miller: "Re: Using File I/O within SPL"
Next in thread: Jack Parker: "Re: Using File I/O within SPL"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message