| Subject | Re: [firebird-support] Can a trigger not to be fired by a dedicate user (application)? |
|---|---|
| Author | Ann W. Harrison |
| Post date | 2005-01-06T16:46:52Z |
Nando Dessena wrote:
is that there's no way to insure that an application is what it claims
to be, but to pretend to be a user, you've got to know the password.
Giving rights to applications (e.g. gbak) has often seemed like a simple
trick to get around unpleasant problems, but its not secure.
Regards,
Ann
>The advantage of checking the user (or role) rather than the application
> ... replication ... where you don't want some of
> the target's database insert/update triggers to fire for various
> reasons ... done by checking CURRENT_USER and reserving
> special user names to the tools (like the replicator).
is that there's no way to insure that an application is what it claims
to be, but to pretend to be a user, you've got to know the password.
Giving rights to applications (e.g. gbak) has often seemed like a simple
trick to get around unpleasant problems, but its not secure.
Regards,
Ann