Re: Database design, Keys and some other things

mAsterdam wrote:
> paul c wrote:
> > dawn wrote:
> >> I favor access to all data & metadata for any users of the database who
> >> have such privileges.
> >
> > Is this a tautology?

yes

> Is that relevant?
>
> I read it as an expression of experience with difficulties in
> accessing relevant data and metadata for somebody who did have
> the authority to access those.

yup - security administration and data/metadata access seems to be a problem everywhere.

>
> How did you read it?
>
> >> This excludes any data that might be used
> >> exclusively by the database (e.g. hash codes).
> >
> >
> > Do this equally mean any data that the user doesn't know about? If so,
> > wouldn't that be a tautology too?

Trying not to distinguish so much among multiple types of users. Some such users are dbas, others are app programmers, and others are end-users. If there is data that a dba can see, then an end-user should be able to have security rights set up for that data/metadata similarly. If a developer should be able to change metadata then give them access, whether test or live.

I do care about security, but lately I've been more interested in the flip side -- access. What if we approached web page security from a "need to know" perspective? I doubt it would be very popular right now.

--dawn Received on Sun Oct 02 2005 - 05:23:26 CEST