Subject Re: [firebird-support] App security schema using Firebird
Author Ann W. Harrison
Ivo,
>
> Thinking a little more about your answers, I could think of a system
> completely interfaced by procedures and views.

That gives you more flexibility and control. It doesn't feel
"natural" but security isn't very natural either.

> We use views today, but
> inserts/updates/deletes are made directly to the tables, in many
> cases.

You can change the tables to views without changing applications
though that doesn't solve anything immediately. You need to
determine which sets of users need which types of access to
which sets of data.


> Should we put everything under procedures? Is this considered a
> 'good practice'? As you can see, I need some experienced counsel...

There are many opinions about that ranging from "we never use
procedures" to "no one has any access rights to tables except
through procedures". I'd probably use a mix - protecting very
sensitive data by granting access only through procedures, and
using views to partition tables horizontally and vertically
for specific users.

>
> I've sent this in private 'cause I think it is going OT, ok?
>
It's not off topic and there are many very experienced people
on the list who will be glad to help.


Good luck,


Ann
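
Added example, not part of the original message: a sketch in Firebird SQL of the mix described above, with a view that partitions a table by row and column for one role, and a procedure as the only path to a sensitive column. The table, view, procedure, exception and role names are all hypothetical, and it assumes one owner creates every object from isql.

```sql
-- Constructed schema; every name here is hypothetical.
CREATE TABLE EMPLOYEE (
  ID      INTEGER NOT NULL PRIMARY KEY,
  NAME    VARCHAR(60) NOT NULL,
  DEPT    VARCHAR(20) NOT NULL,
  PHONE   VARCHAR(20),
  SALARY  NUMERIC(12,2)
);
CREATE EXCEPTION E_BAD_SALARY 'Salary must be greater than zero';
CREATE ROLE SALES_CLERK;
CREATE ROLE PAYROLL;

-- No GRANT on EMPLOYEE is issued to any user or role, so the base
-- table is reachable only through the view and the procedure below.

-- View: vertical partition (SALARY is not exposed) and horizontal
-- partition (SALES rows only). WITH CHECK OPTION rejects an update
-- that would move a row outside the view's WHERE clause.
CREATE VIEW V_SALES_STAFF (ID, NAME, DEPT, PHONE) AS
  SELECT ID, NAME, DEPT, PHONE
  FROM EMPLOYEE
  WHERE DEPT = 'SALES'
  WITH CHECK OPTION;

GRANT SELECT, UPDATE ON V_SALES_STAFF TO SALES_CLERK;

-- Procedure: validates the input, then touches the sensitive column.
SET TERM ^ ;
CREATE PROCEDURE SET_SALARY (EMP_ID INTEGER, NEW_SALARY NUMERIC(12,2))
AS
BEGIN
  IF (NEW_SALARY IS NULL OR NEW_SALARY <= 0) THEN
    EXCEPTION E_BAD_SALARY;
  UPDATE EMPLOYEE SET SALARY = :NEW_SALARY WHERE ID = :EMP_ID;
END^
SET TERM ; ^

-- The procedure holds the table privileges; callers get only EXECUTE.
GRANT SELECT, UPDATE ON EMPLOYEE TO PROCEDURE SET_SALARY;
GRANT EXECUTE ON PROCEDURE SET_SALARY TO PAYROLL;
```

A user connected with the SALES_CLERK role sees only SALES rows without salaries, and a user with the PAYROLL role can change a salary only by calling SET_SALARY.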