November 12, 2001 at 3:30 am
quote:
I disagree especially for the sensitive access. Sooner or later that special person will change and having a role makes that more secure.
"Special person" !never! change. It's public universal access point to secure database /the only one access point/.
Each stored procedure have mandatory input parameter /temporary unique randomized user id, output from proc_user_session_start/.
Emedded security is for additional row level access security, selective encryption, access audit, etc...
November 12, 2001 at 10:25 am
What happens if this is comprimised? Not hacked, but disgruntled employee, etc.
You are still better off with a role. Needs will change. You might disagree, and I'll grant in your case you might be correct, but I stand by this being a "Worst Practice" for development.
Steve Jones
Viewing 2 posts - 16 through 17 (of 17 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy