Subject | Re: [Firebird-Architect] User name SYSDBA |
---|---|
Author | Jim Starkey |
Post date | 2005-08-04T17:55:38Z |
Leyne, Sean wrote:
>My goal is to make the job of security management straight-forward easy
>to understand and without having to go through hoops each time you want
>to perform an action.

Sean, there aren't any hoops to jump through. If you don't understand
or don't need the ability to activate roles, ignore the feature, and
you will get the same effect as the standard. If you need it, it's
there. You don't need it, but people who write web applications do.

>I am trying to make the database access/security metaphor the same as
>network security.

What does network security have to do with anything? Other than
firewalls, there's no such thing as network security.

>Users belong to groups/roles, object security is assigned to user or
>group. User logs in; user inherits all the rights granted to them
>explicitly or via their group/role membership.

We don't have a concept of group and nobody has made a convincing
argument that we should. The two concepts have close to 100% overlap.

>If I had my way, we would drop the whole "specify role at login" but
>that may be too radical for some.

Your security model is too weak and antiquated for web applications
where a single application server services many classes of users. Your
model says that all application server connections are alike and the
responsibility for enforcing security belongs to the application
programmer, not the database system. This makes for expensive, bad,
insecure applications. A security framework is effective if the
security controls be implemented so the application controls the policy
that the database system enforces. Firebird can't do this now, but
could be easily extended to do so.

--
Jim Starkey
Netfrastructure, Inc.
978 526-1376