Do many of you implement fine grained security provisions
at the DBMS level using GRANT PRIVILEGE ON object TO
user/role? My background with DBMS security is mostly in
CODASYL shallow network systems where user level access
control to datasets and fields was mainly a matter for the
application and / or operating system. Therefor the
number of user ids known to the DBMS was minimal.
The topic of RDBMS security has arisen in a discussion
and, lacking evidence of my own, I am curious to discover
just how frequently DBMS userids tied to specific
individuals are used in production RDBMS based systems. I
am also curious to know how often VIEWS are tied to
individual user IDs known to the DBMS rather than to
shared user IDs known only to an application through a
configuration file.
This is not really a PG specific question so if anyone
wishes to reply privately rather than to the list that is
fine with me.
Thanks,
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3