Hi. There's no question that this will significantly increase security, as it makes it far less likely that a single exploit / coding error will provide the means to gain access to sensitive data. Using multiple layers of security is essential for good security in a networked environment. Obviously, not all information needs this level of security, and some information needs greater security.
I'm assuming from your description that the supervisor's database password will not be stored in a config file or hardcoded in PHP as this would leave the system open to any exploit which provided a means to access files on the website... Keeping access logs is also a good idea for this type of information -- that way if an account manager accesses all the clients' details (even if it's just his own clients) and then resigns the next day to start his own business (and unlawfully uses the client database) there's a record of access that may prove useful.

-Craig

On Jul 28, 12:46 pm, Jochen Daum <[email protected]> wrote:
> To increase security in a proposed application, I'm considering mirroring
> the PHP based access rights in MySQL.
> [...]
> What is everyone's opinion if this is a significant increase in security
> against the wrong account managers seeing customer information?

--
NZ PHP Users Group: http://groups.google.com/group/nzphpug
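The access-log point in the reply above, as an added example that is not part of the thread: a review script that flags an account manager who views most of their own client portfolio in a single day. The log format, names, thresholds and portfolio sizes are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample log (not from the thread): ISO timestamp, manager, client id.
SAMPLE_LOG = """\
2024-03-04T09:01:10 alice 101
2024-03-04T09:05:42 alice 102
2024-03-04T10:15:00 bob 201
2024-03-04T10:15:00 bob 201
2024-03-05T08:59:03 bob 201
2024-03-05T17:40:00 alice 101
2024-03-05T17:40:05 alice 102
2024-03-05T17:40:09 alice 103
2024-03-05T17:40:14 alice 104
2024-03-05T17:40:20 alice 105
malformed line
"""

def parse_log(text):
    """Yield (date, manager, client_id); skip lines that do not parse."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            day = datetime.fromisoformat(parts[0]).date()
        except ValueError:
            continue
        yield day, parts[1], parts[2]

def bulk_readers(text, portfolio_sizes, max_share=0.8, min_clients=3):
    """Return [(day, manager, distinct_clients)] for each manager who viewed
    more than max_share of their own portfolio in one day."""
    seen = defaultdict(set)
    for day, manager, client in parse_log(text):
        seen[(day, manager)].add(client)  # repeat views of one client count once
    alerts = []
    for (day, manager), clients in sorted(seen.items()):
        size = portfolio_sizes.get(manager, 0)
        # A manager with no recorded portfolio is flagged on volume alone.
        over = size == 0 or len(clients) / size > max_share
        if len(clients) >= min_clients and over:
            alerts.append((day.isoformat(), manager, len(clients)))
    return alerts

if __name__ == "__main__":
    print(bulk_readers(SAMPLE_LOG, {"alice": 5, "bob": 4}))
```

Because every access in the sample is to the manager's own clients, permission checks alone would not surface it; only the per-day share of the portfolio does.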
