db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Matrigali <mikem_...@sbcglobal.net>
Subject Re: [jira] Commented: (DERBY-2437) SYSCS_EXPORT_TABLE can be used to overwrite derby files
Date Mon, 09 Jul 2007 19:02:29 GMT


Rick Hillegas (JIRA) wrote:
>     [ https://issues.apache.org/jira/browse/DERBY-2437?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12511221
] 
> 
> Rick Hillegas commented on DERBY-2437:
> --------------------------------------
> 
> I am trying to wrap my  mind around how much incremental exposure is introduced by the
ability to import/export LOBs. In a properly secured system, this power would be limited to
the database owner. Currently, the database owner enjoys godlike powers, including the ability
to read and change everyone's passwords. If I were a DBA bent on increasing my salary, I don't
think I would use import/export to do this. The following seems like a much more straightforward
approach:
> 
This is what I have been looking for.  What does a properly secured 
system do to prevent import/export?  I have been looking around in the
documentation but not quite sure where to look.  Is this a grant/revoke 
thing?

Mime
View raw message