From: Adam R. <ad...@ex...> - 2012-02-09 15:23:09
> XQuery processor have three stages: read, compile & evaluation. My proposal
> to run first stage (read) as SYSTEM after 'x' check & 2nd/3rd as
> authenticated/guest user.
>
> Can we trust to XQuery processor? ... well .... hmmmm .... why not? -)

No No No.

User rights escalation in eXist-db is evil, just as it is in any system, and can easily lead to privilege escalation attacks, and bugs (we have seen some of those in the past, users magically becoming DBA/system etc.)

I have been phasing out the use of the SYSTEM user in many places, and now we have the new security model, I think this can be removed from *almost* everywhere.

I think there is a better way to do this, see my last email...

--
Adam Retter

eXist Developer
{ United Kingdom }
ad...@ex...
irc://irc.freenode.net/existdb