On 10/10/11 12:26, Vlad Khorsun wrote: >> On 10/10/11 11:53, Vlad Khorsun wrote: >>>> At the first glance it's possible to avoid loading trigger's body with >>>> WHEN clause. >>> Should we check permissions of trigger's code ? If yes - we will load >>> it anyway at query (insert\update\delete) prepare time. >> We should not check permissions of trigger in that case. Imagine clause: >> >> WHEN CURRENT_USER != 'SYSDBA' > If such clause is inside trigger code then it not affects security checks > and > *whole* trigger code is checked. SQL standard says something about security > checks for conditional triggers ?
It says nothing about conditional triggers at all - at least I've failed to find such mention. But a lot of SQL servers (MySQL, Oracle, Postgress) have them. ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
