A very useful feature in some database systems is the ability to restrict who can run certain external or stored
procedures,and to grant extra access rights to users when they do run those procedures.
The usefulness of this may not be imediately obvious, but it is a very powerful feature, especially for preserving
integrityand security:
Simple uses include:
1. Make all tables 'read-only', then all updates must happen through procedures. The procedures can make data-based
securitychecks, and can ensure integrity.
2. Make some tables unreadable, then data can only be retrieved via procedures. Once again, data-based security can be
achieved.
The way this is implemented it to specify that when a procedure is run by *any* user, the procedure runs with the
accessrights of another user/group/entity.
Procedures must also have security associated with them: it is necessary to grant 'execute' access on procedures to the
userswho need to execute them.
Since this *seems* like it is not likely to get too far into the internals of the optimizer, and seems to be an area
thatis not under active development by others, and since I am looking for a way to contribute to development, I would
beinterested in comments that:
1. Tell me if this is much bigger than I think it is.
2. Tell me if it sounds useful.
3. Is a good learning excercise.
4. If it is stepping on other people's toes.
5. How to do it 8-}
I look forward to comments and suggestions...I think.
----------------------------------------------------------------
Philip Warner | __---_____
Albatross Consulting Pty. Ltd. |----/ - \
(A.C.N. 008 659 498) | /(@) ______---_
Tel: +61-03-5367 7422 | _________ \
Fax: +61-03-5367 7430 | ___________ |
Http://www.rhyme.com.au | / \| | --________--
PGP key available upon request, | /
and from pgp5.ai.mit.edu:11371 |/