db-derby-dev mailing list archives

From Satheesh Bandaram <sathe...@Sourcery.Org>
Subject Re: Grant/Revoke subtask - EXTERNAL SECURITY DEFINER | EXTERNAL SECURITY INVOKER
Date Thu, 23 Feb 2006 22:36:07 GMT
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
  <title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
<br>
<br>
Mamta Satoor wrote:<br>
<blockquote
 cite="midd9619e4a0602231119t62dd2554h394b1ec3bad8c93b@mail.gmail.com"
 type="cite">
  <div>Thinking further about&nbsp;database upgrade for&nbsp;<font size="2">EXTERNAL
SECURITY DEFINER | EXTERNAL SECURITY INVOKER information</font>, I
think when a pre-10.2 Derby database is upgraded, the SYSALIASES table
should initialize the new column for external security info with
"true". This "true" for external security&nbsp;means that the routine should
be executed with the invoker's privileges. This will be more
restrictive than granting the execute privileges of the routine
definer. Does that sound right? Once we decide on this, the functional
spec for grant/revoke should be updated with this information.
  </div>
  <div>&nbsp;</div>
  <div>Also, I am thinking of using "EXECUTE_USING_INVOKER_PRIVILEGES"
as column name for new column in SYSALIASES for external security info.
Any other suggestion?</div>
  <div>&nbsp;</div>
</blockquote>
Another choice could be "INVOKERSECURITY". None of the system table
columns use "_", that I could see.<br>
<br>
Satheesh<br>
<blockquote
 cite="midd9619e4a0602231119t62dd2554h394b1ec3bad8c93b@mail.gmail.com"
 type="cite">
  <div>thanks,</div>
  <div>Mamta<br>
  <br>
&nbsp;</div>
  <div><span class="gmail_quote">On 2/22/06, <b
 class="gmail_sendername">Mamta Satoor</b> &lt;<a
 href="mailto:msatoor@gmail.com">msatoor@gmail.com</a>&gt; wrote:</span>
  <blockquote class="gmail_quote"
 style="border-left: 1px solid rgb(204, 204, 204); margin: 0px 0px 0px 0.8ex; padding-left:
1ex;">
    <div>Thanks for sharing your thoughts on this, Satheesh. I will
spend more time on it to see if&nbsp;external security info&nbsp;can be&nbsp;added
as
another column to the SYSALIASES table rather than as another field to
RoutineAliasInfo. </div>
    <span class="sg">
    <div>&nbsp;</div>
    <div>Mamta<br>
&nbsp;</div>
    </span>
    <div><span class="e" id="q_109932099a9119c7_2">
    <div><span class="gmail_quote">On 2/22/06, <b
 class="gmail_sendername">Daniel John Debrunner</b> &lt;<a
 onclick="return top.js.OpenExtLink(window,event,this)"
 href="mailto:djd@apache.org" target="_blank">djd@apache.org</a>
&gt; wrote:</span>
    <blockquote class="gmail_quote"
 style="border-left: 1px solid rgb(204, 204, 204); margin: 0px 0px 0px 0.8ex; padding-left:
1ex;">Satheesh
Bandaram wrote:<br>
      <br>
&gt;<br>
&gt; Mamta Satoor wrote:<br>
&gt;<br>
&gt;&gt; Satheesh, I was looking through the code last night and saw
the following <br>
&gt;&gt; comment, about external security info flag, in
CreateAliasNode.init<br>
&gt;&gt; line 195<br>
&gt;&gt;&nbsp;&nbsp;&nbsp;&nbsp; // GrantRevoke TODO: Figure out how
to save external
security<br>
&gt;&gt; info. Putting this in<br>
&gt;&gt;&nbsp;&nbsp;&nbsp;&nbsp; // RoutineAliasInfo may not be the
best long term solution
      <br>
&gt;&gt; It seems like RoutineAliasInfo will be the logical place to
keep this<br>
&gt;&gt; external security information, similar to the way we keep other<br>
&gt;&gt; information like called on null input, parameter count etc.
Did you <br>
&gt;&gt; have reservations about this approach because we want to move
away<br>
&gt;&gt; from using objects in the system tables (which in this case is<br>
&gt;&gt; AliasInfo in SYSALIASES table)?<br>
&gt;<br>
&gt; Here are some of my concerns about adding another field to <br>
&gt; RoutineAliasInfo.<br>
&gt;<br>
&gt;&nbsp;&nbsp;&nbsp;&nbsp;1. It would become harder to extract this
info from
RoutineAliasInfo<br>
&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; as it is a Java object
for any metadata processing... like in<br>
&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dblook or for other GUI
tools. We would have to document how
      <br>
&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; RoutineAliasInfo gets
generated as a character type and
maintain<br>
&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; that format in the future.<br>
&gt;&nbsp;&nbsp;&nbsp;&nbsp;2. Have to support existing RoutineAliasInfo
instances created
in<br>
&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; existing databases. You
would have to introduce a new <br>
&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; RoutineAliasInfo version
or add a new mapping to another
java object.<br>
      <br>
The RoutineAliasInfo has the correct structure to support expansion. It<br>
writes out an unused value, set at 0. This could be bumped to indicate <br>
that more data needs to be read, e.g. 1 means the external security info<br>
flag is written to disk etc. etc.<br>
      <br>
Dan.<br>
      <br>
      <br>
    </blockquote>
    </div>
    <br>
    </span></div>
  </blockquote>
  </div>
  <br>
</blockquote>
</body>
</html>
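
The versioning idea discussed in the thread (a reserved value written as 0 that is bumped to 1 once the external security flag is stored), combined with the proposed upgrade default of invoker's privileges, shown as an added Java sketch. This is not Derby's code: the class RoutineInfoSketch, its fields and the version constants are hypothetical, and the reader is assumed to reject unknown versions rather than guess a privilege mode.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInput;
import java.io.DataInputStream;
import java.io.DataOutput;
import java.io.DataOutputStream;
import java.io.IOException;

/** Hypothetical stand-in for a stored routine descriptor; not Derby's RoutineAliasInfo. */
public class RoutineInfoSketch {
    static final int V_LEGACY = 0;       // reserved int as older writers emit it
    static final int V_EXT_SECURITY = 1; // bumped: one boolean follows the int

    String methodName;
    boolean invokerSecurity = true;      // fail-safe default: invoker's privileges

    void write(DataOutput out, int formatVersion) throws IOException {
        out.writeUTF(methodName);
        out.writeInt(formatVersion);
        if (formatVersion == V_EXT_SECURITY) {
            out.writeBoolean(invokerSecurity);
        }
    }

    static RoutineInfoSketch read(DataInput in) throws IOException {
        RoutineInfoSketch r = new RoutineInfoSketch();
        r.methodName = in.readUTF();
        int version = in.readInt();
        switch (version) {
            case V_LEGACY:       // record from before the upgrade: no flag on disk,
                r.invokerSecurity = true; // so fall back to the restrictive mode
                break;
            case V_EXT_SECURITY:
                r.invokerSecurity = in.readBoolean();
                break;
            default:             // never guess a privilege mode for an unknown layout
                throw new IOException("unknown format version " + version);
        }
        return r;
    }

    static RoutineInfoSketch roundTrip(RoutineInfoSketch r, int version) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        r.write(new DataOutputStream(buf), version);
        return read(new DataInputStream(new ByteArrayInputStream(buf.toByteArray())));
    }

    public static void main(String[] args) throws IOException {
        RoutineInfoSketch r = new RoutineInfoSketch();
        r.methodName = "com.example.Procs.audit"; // constructed sample value
        r.invokerSecurity = false;                // i.e. EXTERNAL SECURITY DEFINER
        System.out.println("legacy record  -> invoker=" + roundTrip(r, V_LEGACY).invokerSecurity);
        System.out.println("bumped version -> invoker=" + roundTrip(r, V_EXT_SECURITY).invokerSecurity);
    }
}
```

A record written in the legacy layout never carries the flag, so definer rights can only come from an explicit version-1 record.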

