>>>>> "Jochen" == Jochen Daum <[email protected]> writes:
Jochen> Account manager would have access rights to his customer
Jochen> records, both checked through PHP and MySQL by-row grant
Jochen> access. Supervisor would have the same access rights and
Jochen> also to his other account managers, both checked through
Jochen> PHP and MySQL by-row grant access.
Having MySQL/PostgreSQL access rights is a must if you have a separate
report application. If you have not, it doesn't buy you anything,
except perhaps insurance against coding mistakes.
It has drawbacks though: users must be given access rights to the
backend database, which has its own security implications.
You need to handle the complexity of transfering the PHP login
(probably cookie based == plain text passwords) to the database
login. You will find that sometimes the PHP application must have
superuser access to the database, so bypassing restrictions, and you
will need to login as unrestricted user anyway. Which implies your
code must be protected against bypasses anyway.
Jochen> What is everyone's opinion if this is a significant
Jochen> increase in security against the wrong account managers
Jochen> seeing customer information?
Summary: I would not do this.
All the best,
Berend.
--~--~---------~--~----~------------~-------~--~----~
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to [email protected]
To unsubscribe, send email to
[email protected]
-~----------~----~----~----~------~----~------~--~---
