Worst Practices - Assigning Users Rights

  • quote:

    I disagree especially for the sensitive access. Sooner or later that special person will change and having a role makes that more secure.

    "Special person" !never! change. It's public universal access point to secure database /the only one access point/.

    Each stored procedure have mandatory input parameter /temporary unique randomized user id, output from proc_user_session_start/.

    Emedded security is for additional row level access security, selective encryption, access audit, etc...

  • What happens if this is comprimised? Not hacked, but disgruntled employee, etc.

    You are still better off with a role. Needs will change. You might disagree, and I'll grant in your case you might be correct, but I stand by this being a "Worst Practice" for development.

    Steve Jones


Viewing 2 posts - 16 through 16 (of 16 total)

You must be logged in to reply to this topic. Login to reply