Alex Peshkoff wrote: > On 02/07/15 03:20, Geoff Worboys wrote: >> Simple? Well, I guess it is if I don't have any care about >> security. But context variables are not the way to do this >> sort of thing, load on demand from a secured table is a less >> open way of dealing with such private data.
> In FB3 one also can rather safely (certainly using encrypted > network connection) send password to procedure as parameter. > What about trace facility - luckily only SYSDBA can trace > other user's activity, i.e. I do not treat this as high > security risk. Take into an account that SYSDBA can change > any password and trace ALTER USER commands issued by others. Still, the less you have to pass passwords around the better. >> But I got exactly what I wanted, without spreading passwords >> around, with just a few lines of code in ExtDS.cpp, which >> was simple enough for me. I don't know why the restriction >> was coded originally, but removing it works and I can't see >> any obvious downsides (I'm already using a lightly customised >> build of Firebird for this application, so another small >> change is not a problem to me). > Do you plan to provide a patch? I hadn't really thought about it. The current restriction is well documented - hence I thought it must be intentional, even if I can't work out why. I'll test it some more (against multiple queries etc.) and if it comes out okay I'll raise a ticket and put the patch in with it. -- Geoff Worboys Telesis Computing Pty Ltd ------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
