Subject | Re: Users can create anything?!? |
---|---|
Author | richardghayward |
Post date | 2005-05-26T11:19:35Z |
Hi Geoff.
I initially tried posting this via the atkin news server, but it
seems not to have worked. Apologies if I end up with a duplicate.
On Wed, 25 May 2005 Geoff Worboys wrote:
> they can also change the value of generators
aarrrgh!!!! Thanks for that information.
>I use a less than perfect solution to these in my systems...
>When a non-admin user logs on to my application their
>password is not used directly. Instead it is processed by
>a hash function, the result of which is turned into a string
>and that is provided as the password.
In my situation, the database developers develop only the database.
User interface stuff is to be developed by other people at other
places, who the database developers may not even know. The database
developers are to provide an interface, e.g. views and procedures for
the writers of client side components to use. The database developers
need to be sure that, however clients end up getting coded, they
can't do anything very bad because they can only access the database
via procedures, and those procedures do indeed perform legitimate
operations.
That's the theory. If it's possible in practice remains to be seen.
regards
Richard
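
The procedure-only access model described in this message, as an added example that is not part of the original post. It assumes Firebird-style SQL run through isql; the table, view, procedure, exception and user names (ACCOUNT, MY_ACCOUNT, DEPOSIT, E_BAD_AMOUNT, CLIENT_APP) are hypothetical.

```sql
-- Base table owned by the database developer. No privileges on it are
-- ever granted to client users, so client code cannot touch it directly.
CREATE TABLE ACCOUNT (
  ID          INTEGER NOT NULL PRIMARY KEY,
  OWNER_NAME  VARCHAR(31) NOT NULL,
  BALANCE     NUMERIC(18,2) DEFAULT 0 NOT NULL
);

CREATE EXCEPTION E_BAD_AMOUNT 'Amount must be positive';

-- Read interface: a view that exposes only the caller's own rows.
CREATE VIEW MY_ACCOUNT (ID, BALANCE) AS
  SELECT ID, BALANCE
    FROM ACCOUNT
   WHERE OWNER_NAME = CURRENT_USER;

-- Write interface: the procedure validates its input and limits the
-- update to rows belonging to the caller.
SET TERM ^ ;
CREATE PROCEDURE DEPOSIT (ACCOUNT_ID INTEGER, AMOUNT NUMERIC(18,2))
AS
BEGIN
  IF (AMOUNT IS NULL OR AMOUNT <= 0) THEN
    EXCEPTION E_BAD_AMOUNT;

  UPDATE ACCOUNT
     SET BALANCE = BALANCE + :AMOUNT
   WHERE ID = :ACCOUNT_ID
     AND OWNER_NAME = CURRENT_USER;
END^
SET TERM ; ^

-- The procedure, not the user, holds the table privileges it needs.
GRANT SELECT, UPDATE ON ACCOUNT TO PROCEDURE DEPOSIT;

-- The client login (hypothetical user CLIENT_APP) gets only the interface.
GRANT SELECT ON MY_ACCOUNT TO CLIENT_APP;
GRANT EXECUTE ON PROCEDURE DEPOSIT TO CLIENT_APP;

-- Expected effect when connected as CLIENT_APP:
--   SELECT * FROM MY_ACCOUNT;              -- allowed
--   EXECUTE PROCEDURE DEPOSIT (1, 10.00);  -- allowed
--   UPDATE ACCOUNT SET BALANCE = 1000000;  -- rejected: no permission
```

These grants limit table access only; they do not address the generator concern raised in the quoted reply.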