Subject Re: [IB-Architect] Re: Some thoughts on IB and security
Author Jim Starkey
At 11:51 AM 4/28/00 -0700, Jason Wharton wrote:
>>I support Jim's plan for plug-in modules that implement security. (In
>>fact, I proposed it myself as a future direction for InterBase a couple
>>of years ago.)
>Could this make it possible to hook into each OS's security interface? I get
>heckled a lot by our WIN NT LAN administrator who thinks that the database
>security should be aware of the NT users and groups and be able to have
>permissions based on that.


>I'd like to see it designed such that looking at the ISC4.GDB is the default
>behavior and that other plug-ins could be used to look elsewhere for their
>security credentials. Each OS could have its own plugin to hook into its
>security system.

Could be one policy among many.

>It would also be nice to have a certain amount of integration for ROLES and
>GRANTS, etc. so that these things could also be controlled at the LAN
>administration level rather than separately at the DBA level.
>I'd also like to see something similar for database aliases. Disclosing the
>physical location of the GDB on the server isn't comfortable to me and it is
>also inconvenient if one decides to relocate it on the server to a new
>volume or something...

A different problem. It is difficult to look into a database to find
where to find the database.

Jim Starkey