From: Dannes W. <da...@ex...> - 2010-03-24 18:46:36
|
Hi, On Wed, Mar 24, 2010 at 7:23 PM, Dmitriy Shabanov <sha...@gm...> wrote: > Do we speak about LibFunction? I don't see any security issue there, or > I'm missing something? > Any scenario? The issue is fundamentally. A jar library is specified by a query, that can live anywhere, even oustide the db. Basically all jar files can be specified, including those who you might not want to expose, e.g. private libraries. D. -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |