db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Hillegas <Richard.Hille...@Sun.COM>
Subject Re: [jira] Commented: (DERBY-2437) SYSCS_EXPORT_TABLE can be used to overwrite derby files
Date Mon, 09 Jul 2007 21:08:43 GMT
Daniel John Debrunner wrote:
> Rick Hillegas (JIRA) wrote:
>>     [ 
>> https://issues.apache.org/jira/browse/DERBY-2437?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12511232

>> ]
>> Rick Hillegas commented on DERBY-2437:
>> --------------------------------------
>>
>> The attack seems to depend on the DBA's ethics and her judgment about 
>> delegating responsibility.
>
> Not sure what the point you are trying to make here.
>
> If everyone was honest we wouldn't need security.
>
> Dan.
I'm just focusing attention on the DBA role. Derby is vulnerable in many 
ways to anyone who can create a database.

Regards,
-Rick

Mime
View raw message