Darren New wrote:
> I've never built a system where the database privs are the primary
> access control mechanism. Indeed, I've never really build an application
> (yet) where there's more than one completely independent application
> accessing the database. (At which point I'd imagine database-level privs
> would be more important.)
>
> What's a good way to regularize the database privs with (say) what you
> show on the screen?
>
As dirty as it sounds (and is), most systems I've seen handle the actual
db with full access (or at least with permissions that are "enough") and
the frontend takes care of the permissions.
:(
--
Eero "Aero" Ahonen
http://www.zbxt.net
aer### [at] removethiszbxtnetinvalid
Post a reply to this message
|