On Thu, 2004-04-29 at 18:57 +0200, Joolz wrote:
>
> I have to think about it long and hard :-), the extra "layer" makes
> things more secure, I would only have to register username (for
> auditing purposes) plus the "role" in session variables, which could
> be md5()'d. Still, the extra layer is from a logical point of view
> redundant and thus error-prone.
>
> Still, it might be a good idea. If anyone cares to share their opinion
> on the matter (or discuss how you handled this), TIA!

For myself, I handle security roughly as follows:

Password is stored as a salted md5, which means that two users with the
same password have different on-disk records of it.

Logged in user gets a session cookie which is an md5 of random data plus
a session id. The session id is looked up, and the random data (which
is only known server-side) is validated. Of course the session id is
predictable, but the random data is not.

I use a general user-id to access the database, rather than database
users and permissions. I generally find that the database permissions
model is not a good fit to the permissions I want for my website.

Hope this is of interest,
Andrew McMillan.
-------------------------------------------------------------------------
Andrew @ Catalyst .Net .NZ Ltd, PO Box 11-053, Manners St, Wellington
WEB: http://catalyst.net.nz/ PHYS: Level 2, 150-154 Willis St
DDI: +64(4)916-7201 MOB: +64(21)635-694 OFFICE: +64(4)499-2267
-------------------------------------------------------------------------
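
The session-cookie scheme described in the message above, sketched as an added example (not part of the original message and not the poster's code). Assumptions: the cookie layout "<session id>:<digest>", the in-memory SESSIONS table and all function names are hypothetical, and SHA-256 is swapped in for the md5 the message mentions.

```python
import hashlib
import hmac
import secrets

# Hypothetical in-memory stand-in for the server-side session table:
# session id -> (random secret, username).
SESSIONS = {}
_last_id = 0


def _digest(secret, session_id):
    # The message uses md5; SHA-256 is swapped in here (assumption).
    return hashlib.sha256(secret + str(session_id).encode()).hexdigest()


def _parse_sid(text):
    # Accept only short ASCII digit strings so int() cannot raise.
    ok = text.isascii() and text.isdigit() and len(text) <= 18
    return int(text) if ok else None


def create_session(username):
    """Log a user in; return the cookie value '<session id>:<digest>'."""
    global _last_id
    _last_id += 1                     # sequential, hence predictable
    secret = secrets.token_bytes(32)  # CSPRNG output, kept server-side only
    SESSIONS[_last_id] = (secret, username)
    return f"{_last_id}:{_digest(secret, _last_id)}"


def validate_cookie(cookie):
    """Return the username for a valid cookie, otherwise None."""
    sid_text, sep, presented = cookie.partition(":")
    sid = _parse_sid(sid_text)
    record = SESSIONS.get(sid)
    if not sep or record is None or not presented.isascii():
        return None
    secret, username = record
    # Constant-time compare: timing does not reveal a partial match.
    if not hmac.compare_digest(_digest(secret, sid).encode(), presented.encode()):
        return None
    return username


def destroy_session(cookie):
    """Log out: drop the server-side record so the cookie stops validating."""
    SESSIONS.pop(_parse_sid(cookie.partition(":")[0]), None)
```

Guessing the next session id gets a client nowhere, because the digest depends on a per-session secret that never leaves the server.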