[
https://issues.apache.org/jira/browse/DERBY-2207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12527522
]
Rick Hillegas commented on DERBY-2207:
--------------------------------------
Thanks for rev 2 of the spec, Dag. This is very clear now! I have a couple
small remarks:
5.4 (Granting a privilege to a role) I became a little muddled reading this
section. I think it would be easier to understand if the next to last paragraph
read "grant privileges on that object to a role"
5.8 (Revoking privileges from a role) I became a little muddled by the
reference to PUBLIC. Is PUBLIC semantically a) the union of all users, b) the
root of the role graph, or c) both? I suspect it is (a). I think this section
would be easier to read if it were phrased in terms of the privileges enjoyed
by the session.
6.2 (Catalog changes) +1 to the ISDEF field!
> Improve usability of Derby's client/server security by implementing ANSI Roles
> ------------------------------------------------------------------------------
>
> Key: DERBY-2207
> URL: https://issues.apache.org/jira/browse/DERBY-2207
> Project: Derby
> Issue Type: New Feature
> Components: Security, SQL
> Reporter: Rick Hillegas
> Assignee: Dag H. Wanvik
> Attachments: spec.html, spec.html
>
>
> Implementing ANSI Roles will make it easier to manage security for multi-user
> applications with high user turnover.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
