Menu
▾
▴
Re: [Firebird-devel] EXECUTE STATEMENT bug
|
From: Constantijn W. cw.s <cw...@xs...> - 2004-06-04 14:20:50
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content=3D"text/html;charset=3DISO-8859-15"
http-equiv=3D"Content-Type">
<title></title>
</head>
<body bgcolor=3D"#ffffff" text=3D"#000000">
Daniel Rail wrote:
<blockquote cite=3D"mid...@ac..." type=3D"cite">
<pre wrap=3D"">Hi,
At June 4, 2004, 09:41, Constantijn Wolfs cw.s wrote:
</pre>
<blockquote type=3D"cite">
<blockquote type=3D"cite">
<pre wrap=3D"">Dmitry Yemanov wrote:
It's not a bug, but as designed. EXECUTE STATEMENT doesn't inherit
privileges of the procedure and the appropriate DSQL statement executed w=
ith
the current user's privileges.
</pre>
</blockquote>
</blockquote>
<pre wrap=3D""><!---->
</pre>
<blockquote type=3D"cite">
<pre wrap=3D"">You're right, sorry. I=A0 must read the releasenotes m=
ore carefully.=20
Nevertheless it would be nice if it did; it is a psql extension, isn'tit?.
</pre>
</blockquote>
<pre wrap=3D""><!---->
I don't believe it would be nice. Because, it would be too convenient
to be abused of. At the moment it is possible to pass the DSQL
statement via a SP parameter to be used by EXECUTE STATEMENT. Now,
imagine the possible risks if the wrong statement is passed(i.e.:
DELETE FROM table), without any thought or maliciously(depending on
application design and user access to admin applications).
</pre>
</blockquote>
Hello Daniel,<br>
<br>
I don't see any relevance with the question at hand. Designers which
give end users the possibility to damage the database through=A0
execution of free sqlstatement=A0 input must be banned to ..... <br>
Enhancing security has a lot to do with the intuitive logic and
predictability of the psql language. Users are granted execution rights
of the sp's and nothing more. That also increases security.=A0 I my case
I can build 40-50 different sp's to implement a rich search
functionality, or i can build different statements in the sp according
to the parameter input,. Normally by the sp "encapsulated" access
rights to other database objects, must now be granted explicitely. That
is inconsistent and a potential source of insecurity build in by other
programmers less aware of this anomaly in logic (like me 5 hours ago).<br=
>
<br>
</body>
</html>
|