From: Jim S. <ja...@ne...> - 2005-05-04 19:45:01
|
Vlad Horsun wrote: >>Small example (using isql): >>Insert new row containing blob into the table, >>select from that table to obtain its blob-id, but do not commit. >>Now in another isql instance use this blob-id >>in BLOBDUMP command, and you will get contents >>of these uncommitted data. >> >> > > If this is so then this is a bug, imho. > > I can not say for FB 1.5.2 for now (must check the sources), but >in FB2 temporary blobs are accounted within transactions and >temp_blob_id == 1 within transaction X is not the same as >temp_blob_id == 1 within transaction Y. > > > The problem isn't specific to temporary blobs (it isn't a temporary blob anymore, incidentally). This is just a special case of forged blob ids. I doubt anyone has ever done anything to prevent retrieval of an arbitrarily constructed blob id. To do so would require tracking all blob ids fetched by a transaction and validating even blob open against this set. Certainly doable, but worth the cost? If we had any form of row level security, the answer is probably yes. Now? Problematic. -- Jim Starkey Netfrastructure, Inc. 978 526-1376 |