| Subject | Permissions to untrusted users |
|---|---|
| Author | personalsoft_fabiano |
| Post date | 2009-10-01T14:04:22Z |
Hi all,
Today i had to grant an access to a database to an untrusted user.
When i say untrusted i mean a user who needs to insert some information in my database but i don´t want him to see my tables or my data.
So i choose to create a stored procedure, a role and a user, grant the role permission to execute this procedure, and grant the role to the user.
user: foo
role: b2b_integration
procedure: b2b_login
My first steps were:
* create the role
* create the user
* grant the role to the user
* create the procedure
* grant the procedure execution to the role
After that i had some problems, and i would like to know if i´m missing something or this is as designed:
1) Ater connect to the database using ISQL, user FOO and role B2B_INTEGRATION, i couldn´t execute the procedure. I had to grant select on rdb$relations, rdb$procedures, rdb$procedure_parameters, rdb$fields, rdb$character_sets, rdb$collations and rdb$types to be able to execute the procedure.
Question: If this is the right way to do it, it means any (potentially untrusted) user who needs to access my database will be able to see at least my tables, views and procedures names?
2) After grant all selects above, i couldn´t execute the procedure yet. I had to grant rights to all objects used by the procedure to the procedure itself.
Question: I have a predefined role with full access to all database objects. Is it possible to grant this role to the procedure, instead of grant each object, one by one?
3) The majority of database management tools (if not all of then), including flame robin, doesn´t allow a user connect to the database without having select grants on a bunch of system tables.
Question: Wouldn´t it be interesting if a user without permissions on system tables could connect to a database and execute a procedure or select from a table if he has the rights over them?
Regards,
Fabiano
Today i had to grant an access to a database to an untrusted user.
When i say untrusted i mean a user who needs to insert some information in my database but i don´t want him to see my tables or my data.
So i choose to create a stored procedure, a role and a user, grant the role permission to execute this procedure, and grant the role to the user.
user: foo
role: b2b_integration
procedure: b2b_login
My first steps were:
* create the role
* create the user
* grant the role to the user
* create the procedure
* grant the procedure execution to the role
After that i had some problems, and i would like to know if i´m missing something or this is as designed:
1) Ater connect to the database using ISQL, user FOO and role B2B_INTEGRATION, i couldn´t execute the procedure. I had to grant select on rdb$relations, rdb$procedures, rdb$procedure_parameters, rdb$fields, rdb$character_sets, rdb$collations and rdb$types to be able to execute the procedure.
Question: If this is the right way to do it, it means any (potentially untrusted) user who needs to access my database will be able to see at least my tables, views and procedures names?
2) After grant all selects above, i couldn´t execute the procedure yet. I had to grant rights to all objects used by the procedure to the procedure itself.
Question: I have a predefined role with full access to all database objects. Is it possible to grant this role to the procedure, instead of grant each object, one by one?
3) The majority of database management tools (if not all of then), including flame robin, doesn´t allow a user connect to the database without having select grants on a bunch of system tables.
Question: Wouldn´t it be interesting if a user without permissions on system tables could connect to a database and execute a procedure or select from a table if he has the rights over them?
Regards,
Fabiano