November 12, 2001 at 3:30 am
quote:
I disagree especially for the sensitive access. Sooner or later that special person will change and having a role makes that more secure.
"Special person" !never! change. It's public universal access point to secure database /the only one access point/.
Each stored procedure have mandatory input parameter /temporary unique randomized user id, output from proc_user_session_start/.
Emedded security is for additional row level access security, selective encryption, access audit, etc...
November 12, 2001 at 10:25 am
What happens if this is comprimised? Not hacked, but disgruntled employee, etc.
You are still better off with a role. Needs will change. You might disagree, and I'll grant in your case you might be correct, but I stand by this being a "Worst Practice" for development.
Steve Jones
Follow me on Twitter: http://www.twitter.com/way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
Viewing 2 posts - 16 through 16 (of 16 total)
You must be logged in to reply to this topic. Login to reply