Subject Re: Users can create anything?!?
Author richardghayward
Hi Sam,

> "Users" are NOT normally allowed to log into the FB server.
> Why are yours?
> Your app should be providing appropriate privleges/access rights to
> necessary data.
>

Because security should be the responsibility of the server, not a
client application. I want to give users the freedom to use any FB
client they want, IBOconsole, IB_SQL , ibWebAdmin or whatever.

> If your users need to query the data, provide them with a tool with a
> dedicated read-only datasource.

Well following that line of reasoning, why bother having a server that
understands how to grant or withhold select permissions at all?

regards
Richard