I was trying to setup some access rights this morning on a database, and
kept running into a problem. A form being run as a menu, attached to a
dummy table, had a variable lookup defined in it that pointed to a table
that I had not granted select access to my test username. I didn't realize
that was the problem, and assumed I had forgotten to grant access to the
dummy table, so I did. When I listed the access rights for the test user,
the newly granted access didn't appear.
It looked like this:
User Password Table Access Column
-------------------------------------------
KRONT brine_look SELECT
SIKOC
You notice there isn't anything next to the 2nd user (the test user in this
case).. I tried adding it a couple of more times to no avail. I tried
disconnecting and reconnecting, packing, reloading, etc... Once or twice
what would appear would be multiple instances of SIKOC with essentially
garbage characters after it.. Now I am back to what is shown above.
In addition, LISTing all wouldn't actually show all of the rights granted,
but listing the other user's individually would. I suspect that their
additionally granted rights came after the 'bad' entry shown above.
I have attempted to start from scratch (getting rid of all granted access
rights) and re-setting the OWNER password to PUBLIC. I cannot do this
because of the bad entry!
I noticed during the pack/reload that there is a table called SYS_PASSWORDS,
but access is
denied; I assume it is a "true" system table of some sort.
Is this databased basically ruined in terms of security now? (ie, should I
just reload the data into a new copy?) Or do I have any options?
I would love to see a more robust user access granting/revoking interface in
the next version; it is extremely tedious having to grant access in an
additive fashion and then on top of that having to switch to another display
to see what has been added/granted..but maybe that is a limitation of SQL..
Thanks!
Charley
Charles Sikora
Senior Gas Supply Specialist
Manlove Field
Peoples Energy Corporation
----------------------------------------------------------------
The information transmitted is intended only for the person
or entity to which it is addressed and may contain confidential
and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance
upon, this information by persons or entities other than the
intended recipient is prohibited. If you received this in error,
please contact the sender and delete the material from any computer.
