| Subject | Re: [IB-Architect] Re: Some thoughts on IB and security |
|---|---|
| Author | Bill Karwin |
| Post date | 2000-04-29T22:02:57Z |
rfm@... wrote:
roles. If we want a SQL mechanism to map to OS groups, then InterBase
could implement a groups concept (in fact it has it already, doesn't
it?). But SQL roles ain't it.
discussing a "security plugin"? An "authentication plugin" would be a
more accurate description.
The idea of an "encryption plugin" can also be discussed, but at least
we'll distinguish the features by using different terminology.
Bill Karwin
> Yeah. What I had in mind would only happen at authentication time,I want to repeat my opinion that OS groups should not correspond to SQL
> and could be as simple as saying that 'these OS groups correspond
> to the SQL roles of the same name' Or even 'all OS groups correspond
> to the SQL role of the same name'. My point being that it should not
> just be 'any user who can log onto the OS can use the database'
roles. If we want a SQL mechanism to map to OS groups, then InterBase
could implement a groups concept (in fact it has it already, doesn't
it?). But SQL roles ain't it.
> OK. What I was trying to say is that 1) some people want encryptionAgreed. Can I suggest that we stop calling this plugin we've been
> of all data that is sent over the wire, or of database files on disk,
> 2) Security plugins would >NOT< provide this.
discussing a "security plugin"? An "authentication plugin" would be a
more accurate description.
The idea of an "encryption plugin" can also be discussed, but at least
we'll distinguish the features by using different terminology.
Bill Karwin