Menu
▾
▴
[Firebird-devel] protecting metadata in IB 6.5
|
From: Dmitry K. <di...@de...> - 2001-12-10 13:36:03
|
Hello, All! Protectng metadata is good feature in IB 6.5, but not new. I'm ready to dispute about header in readmeta.sql, blindmeta.sql, writemeta.sql: /* * Copyright (C) 2001 Borland Software Corporation * All Rights Reserved. * Contributor(s): ______________________________________. */ This can't be copyrighted, since one person named Michael Podstrechny found this solution for IB 4.x and sent to me. And I've PUBLISHED it in 1997: (sorry that text in Russian, but that's as document was published originally. We are only interested only in grant/revoke commands and idea itself) http://ib.demo.ru/DevInfo/sysprot.htm Original file date was lost, sorry, but anyway last change date is 29 october 1998. So, I'm proud to say that EVERYONE can use this idea, without any mention of Borland Software Corp. (with my respect to it). I understand Borland's motivation, i.e. all included in distribution must be marked. But in this situation they have no (c). p.s. If I apply readmeta.sql on FB database, every user can create his own tables. But he can't delete or edit records directly in RDB$. (that's why I don't understand purpose of writemeta.sql - to enable every user directly run 'delete from rdb$user_privileges' ?). Blindmeta.sql hides everything (except for SYSDBA) - RDB$ are not accessible and thus user can't select any data from any table. So, as I understand, this feature (new 6.5 metadata protection) is in switching off privileges check for system tables RDB$ ? In this case, I don't understand why they need to be checked at all. Let engine check privileges for any objects, except system. p.p.s. it is much easier to cut some part of code, rather than to write new. Isn't it? :-) -- Dmitry Kuzmenko, Epsylon Technologies. |
