[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
- <!--x-content-type: text/plain -->
- <!--x-date: Fri Jan 23 20:54:23 2004 -->
- <!--x-from-r13: qnafpbk ng zvaqfcevat.pbz (Rnaal Qbk) -->
- <!--x-message-id: 1074908899.25085.40.camel@pip -->
- <!--x-reference: Pine.LNX.4.44.0401231350550.31894-[email protected] --> "http://www.w3.org/TR/html4/loose.dtd">
- <!--x-subject: [ale] [OT] securing sensitive data -->
- <li><em>date</em>: Fri Jan 23 20:54:23 2004</li>
- <li><em>from</em>: danscox at mindspring.com (Danny Cox)</li>
- <li><em>in-reply-to</em>: <<a href="msg00956.html">[email protected]</a>></li>
- <li><em>references</em>: <<a href="msg00956.html">[email protected]</a>></li>
- <li><em>subject</em>: [ale] [OT] securing sensitive data</li>
Back a couple of years ago, when I was doing Ingres consulting and we
had wood burning computers ;-):
Ingres had permissions for both users and groups, and roles. For any
table or view, you could grant select/update/delete/insert permissions
to users, groups, and roles.
The users and groups you understand. They're just like the Linux
ones. Roles were cute: a process (the cannonical meaning) could be
granted a "role" of X, where X was a previously created arbitary name.
That role, then acted like a user, gaining or being denied the 4
permissions.
One cool idea was: deny all access to a table. Then create views of
that table, and grant users, groups, or roles permissions on the
individual views. You had lots of flexibility that way, hiding certain
columns, and exposing others.
Now, I have no idea if PostgreSQL has GRANTs or ROLEs or not, but if it
does, or if MySQL does, then that's an option to consider.
--
kernel, n.: A part of an operating system that preserves the
medieval traditions of sorcery and black art.
Danny
</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00956" href="msg00956.html">[ale] [OT] securing sensitive data</a></strong>
<ul><li><em>From:</em> jtaylor at onlinea.com (J.M. Taylor)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00982.html">[ale] [Fwd: ALERT - GroupShield ticket number OA1074893920_593_3_PHOENIX was generated]</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00977.html">[ale] affordable virtual hosting or collocation in atlanta</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00962.html">[ale] [OT] securing sensitive data</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00979.html">[ale] [OT] securing sensitive data</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00976"><strong>Date</strong></a></li>
<li><a href="threads.html#00976"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>