On Sat, 9 Jul 2011, Chris Travers wrote:

> As I am starting into this there are a couple of necessary changes.
>
> The biggest is that rewrite rules are not going to be good ideas here.
> They effectively prevent permissions from being properly enforced on
> the DDL level.  Triggers have the same problem.  Therefore looking at
> requiring modules to have their own stored procs for inserting file
> attachments.
>
> I am not sure what happens with triggers and inheritance and so not
> going down that road, but using rewrite rules only.....
>
> Feedback on this would be appreciated.

Unfortunately, I at least can't provide any.  I do not understand what you 
mean by "rewrite rules".

All I can suggest, which you've probably already considered, is to push as 
much functionality as high as possible, and enforce permissions by shell 
procs at the module level.  Keep the main logic above that.

Luke

------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security 
threats, fraudulent activity, and more. Splunk takes this data and makes 
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Ledger-smb-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel

Reply via email to