Thanks, Satheesh. FYI, Francois is in France for a family emergency,
so you may not hear from him.
David
Satheesh Bandaram wrote:
I am getting ready to submit a patch for review that adds parts of
Grant and Revoke Part II support. With this patch, I am trying to
enforce table privileges that are granted to users using the Part I patch
that is already submitted. After this patch, I will work on adding
upgrade support to upgrade a 10.1 database to 10.2, JDBC metadata
changes and a migration model for legacy databases to enable grant and
revoke functionality. Once all these changes are done, I will then try
to address other parts of the spec, like routine privileges, views and
triggers. Let me know if there are any concerns or comments on this plan.
I am not sure if the previous discussion about migrating a legacy mode
database to the Grant Revoke model was finalized. It seems there were two
thoughts:
1. Keep authorization models separate. A legacy mode database can be
   migrated to the sqlStandard model by connecting with a URL property
   (sqlAuthorization=true).
2. Dan proposed combining both models, with Grant and Revoke
   capability being seen as adding fine-grain access control on top
   of the current model. While this proposal doesn't impact the Grant and
   Revoke work being done currently by much, it may have implications
   on some future work (like system privileges). This does make it
   easier for existing databases to adapt new capabilities.
Satheesh
Daniel John Debrunner wrote:
Satheesh Bandaram wrote:
I think mixing both will lead to confusion for users, many already
familiar with the ANSI subset model being proposed. This will also
create hurdles as we expand the authorization scheme to support roles and
"system privileges" as Francois calls them and other security capabilities.
I'm more proposing this to deal with existing Derby applications and
finding an easy way to bring them into the new world of grant revoke.
Users familiar with the ANSI subset model would just use that, no need
to get involved with the defaultConnectionModel. Though until roles and
system privileges are supported, they might need to, to ensure a secure
system. I haven't seen any proposal on these roles or system privileges
so I'm looking at how secure Derby will be in its next release given
what has been proposed and is being worked on.
Dan.