| Subject | Re: [firebird-support] Can a trigger not to be fired by a dedicate user (application)? |
|---|---|
| Author | Nando Dessena |
| Post date | 2005-01-07T07:41:52Z |
Ann,
A> is that there's no way to insure that an application is what it claims
A> to be
sure, but that depends on how you implement it. The concept itself is
not secure or insecure. You could restrict the use of an application
name only to those to which you have granted it, like you do with
roles. Would that be a duplication of the role concept? For the most
part, yes. As I said I find the current tools adequate already.
Ciao
--
Nando Dessena
http://www.flamerobin.org
======================================================
I support Firebird, I am a Firebird Foundation member!
Join today at http://www.firebirdsql.org/ff/foundation
======================================================
>> ... replication ... where you don't want some ofA> The advantage of checking the user (or role) rather than the application
>> the target's database insert/update triggers to fire for various
>> reasons ... done by checking CURRENT_USER and reserving
>> special user names to the tools (like the replicator).
A> is that there's no way to insure that an application is what it claims
A> to be
sure, but that depends on how you implement it. The concept itself is
not secure or insecure. You could restrict the use of an application
name only to those to which you have granted it, like you do with
roles. Would that be a duplication of the role concept? For the most
part, yes. As I said I find the current tools adequate already.
Ciao
--
Nando Dessena
http://www.flamerobin.org
======================================================
I support Firebird, I am a Firebird Foundation member!
Join today at http://www.firebirdsql.org/ff/foundation
======================================================