In response to "Roberts, Jon" <Jon.Roberts@xxxxxxxxxxx>: > > > In an ideal world, if a user can't modify a function, he/she shouldn't > > be > > > able to see the source code. If the user can execute the function, then > > the > > > user should be able to see the signature of the function but not the > > body. > > > > I doubt that's going to happen. Mainly because I disagree completely > > with your ideal world description (any user who can execute a function > > should have the right to examine it to see what it actually does). > > That is like saying anyone that has rights to call a web service should be > able to see the source code for it. I think that's a good idea. If vendors were forced publish their code, we'd have less boneheaded security breaches. > There should be the ability to create > some level of abstraction when appropriate. I agree. If vendors want to have boneheaded security breaches, they should be allowed. > However, in the current configuration, all users with permission to log in > can see all source code. They don't have rights to execute the functions > but they can see the source code for them. Shouldn't I be able to revoke > both the ability to execute and the ability to see functions? Um ... why did you snip my second paragraph where I said exactly this? -- Bill Moran Collaborative Fusion Inc. http://people.collaborativefusion.com/~wmoran/ wmoran@xxxxxxxxxxxxxxxxxxxxxxx Phone: 412-422-3463x4023 ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings
