Subject RE: [IB-Architect] Messaging API
Author Leyne, Sean
Simple really!

*Who cares!!!!!!!!*

There is no security for events, why should there be for messages?

The fact that messages would be available to all clients does not in and
of itself pose any security risk.

The content of the actual message, which might need security, is an
*implementation* issue to be addressed by the programmer. Nothing says
that I have to publish a meaningful message (ie.
CreditCard=1234-1232-1231-1231 vs CreditCard=789 [where 789] is the ID
of the row that changed) . Using the RowID approach would then require
the receiving client to access the table, which would require the
appropriate rights.

I say, we should use KISS (Keep it simple stup*d <sic>)!


Sean
-----Original Message-----
From: Jim Starkey [mailto:jas@...]
Sent: Wednesday, May 17, 2000 11:50 AM
To: IB-Architect@egroups.com; IB-Architect@egroups.com
Cc: Bill Karwin
Subject: Re: [IB-Architect] Messaging API

At 10:34 AM 5/17/00 -0400, Jim Starkey wrote:
>Following the theme proposed by Mr. Bill Karwin...


A problem with the proposal is security -- anybody connected
to the database can get any messages. Does anybody have
any idea of how this might be extended for SQL-like
security?

Jim Starkey

------------------------------------------------------------------------
Free Music: Take it with you! Diamond Rio MP3 Players
2 hours of play-time as low as $205.95 at eGroups' Group Buying
http://click.egroups.com/1/4186/4/_/830676/_/958578727/
------------------------------------------------------------------------

To unsubscribe from this group, send an email to:
IB-Architect-unsubscribe@onelist.com