Hi, To increase security in a proposed application, I'm considering mirroring the PHP based access rights in MySQL. The example I have here is something like an account manager and their supervisor.
Account manager would have access rights to his customer records, both checked through PHP and MySQL by-row grant access. Supervisor would have the same access rights and also to his other account managers, both checked through PHP and MySQL by-row grant access. What is everyone's opinion if this is a significant increase in security against the wrong account managers seeing customer information? Has anyone worked with rows based security on MySQL or possibly on Postgres? Speed is likely not a problem in this application, I would appreciate if it was ignored in this discussion. Kind Regards, Jochen Daum Chief Automation Officer Automatem Ltd Phone: 09 630 3425 Mobile: 021 567 853 Email: [email protected] Skype: jochendaum Website: www.automatem.co.nz http://twitter.com/automatem http://www.xing.com/go/invite/3425509.181107 --~--~---------~--~----~------------~-------~--~----~ NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected] -~----------~----~----~----~------~----~------~--~---
