| Subject | Re: How to create a user with read-only limited access to only one table? |
|---|---|
| Author | Adam |
| Post date | 2006-05-24T23:45:36Z |
--- In firebird-support@yahoogroups.com, "Eduardo A. Salgado"
<eas@...> wrote:
handle this. I really don't like the idea of granting any direct
access to the web. It just leaves you open for any security flaws that
may be in FB. At least with a layer in front, you make the job a lot
more tricky and can look at over the wire encryption etc.
If you wanted a FB only thing, you could create a role with limited
permissions, grant that role only to webuser. I can not tell you
whether IBExpert will show the other table names (they can't select
from it, but the table names themselves is stored in one of the RDB$
tables that everyone needs select access to).
Adam
<eas@...> wrote:
>I would personally create a service using RemObjects or equivalent to
> Trying to create a user with read-only limited access to only one
> table. Finding that this user still can see the meta-data (at least
> when logging in and using a tool like IBExpert).
>
> How can I define a user (for example: WebUser) with very limited roles
> and priviledges so s/he can see only one table and then only read info
> from that table yet not be able to see any other database tables
> information?
handle this. I really don't like the idea of granting any direct
access to the web. It just leaves you open for any security flaws that
may be in FB. At least with a layer in front, you make the job a lot
more tricky and can look at over the wire encryption etc.
If you wanted a FB only thing, you could create a role with limited
permissions, grant that role only to webuser. I can not tell you
whether IBExpert will show the other table names (they can't select
from it, but the table names themselves is stored in one of the RDB$
tables that everyone needs select access to).
Adam