I would like to anonymize some DB-tables on the fly to ensure that no one -
not even me as administrator - can perform joins between tables signed with
auth.user_id and tables signed with anonym_user_id, except the logged-in user
himself. At the same time I would like to be able to perform joins within
the tables signed with anonym_user_id like this:
    select a.*, b.*
    from table1 a, table2 b
    where a.anonym_user_id = b.anonym_user_id
even if the user is not logged in. This means the system has to assign on
login the same anonym_user_id to the user, otherwise I couldn't perform
joins using it as a key.
My idea is to extend the auth_user table with two fields (user_salt,
user_prefix) generated on registration and filled with a UUID. On login the
user would get assigned a hash like this:
If I understand the hashing process correctly then the following:
>>> a =
guarantees a proper anonymization. Or am I missing something?
My question is: do I introduce any security back doors when I save the
above anonym_user_id, user_salt, user_prefix and the
original auth_user.password in the same DB but in different tables? Can
someone crack the user passwords because of this?
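
An added example, not part of the original message: one way to derive a stable anonym_user_id at login from the plaintext password plus user_salt and user_prefix. The PBKDF2 construction, the labels, the iteration count and the `derive_auth_hash` stand-in are assumptions (the post's own formula is not shown); it illustrates that a stored anonym_user_id is itself a password verifier, so it needs the same slow hashing as auth_user.password.

```python
import hashlib
import hmac
import uuid

ITERATIONS = 200_000  # assumed work factor, not from the post

def new_user_fields():
    """user_salt and user_prefix, generated once at registration as UUIDs."""
    return {"user_salt": uuid.uuid4().hex, "user_prefix": uuid.uuid4().hex}

def _kdf(label, password, user_salt, user_prefix=""):
    # The label separates the two derivations so one output never equals the other.
    salt = ":".join((label, user_prefix, user_salt)).encode()
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS).hex()

def derive_anonym_user_id(password, user_salt, user_prefix):
    """Stable pseudonym, computable only while the plaintext password is at hand."""
    return _kdf("anonym-id", password, user_salt, user_prefix)

def derive_auth_hash(password, user_salt):
    """Hypothetical stand-in for the value kept in auth_user.password."""
    return _kdf("auth", password, user_salt)

def guess_matches(stored_anonym_id, guess, user_salt, user_prefix):
    """What anyone with read access to the DB can do offline, per guess."""
    candidate = derive_anonym_user_id(guess, user_salt, user_prefix)
    return hmac.compare_digest(candidate, stored_anonym_id)

if __name__ == "__main__":
    f = new_user_fields()  # constructed sample user
    anon = derive_anonym_user_id("constructed-pw", f["user_salt"], f["user_prefix"])
    print("same id on next login:",
          anon == derive_anonym_user_id("constructed-pw", f["user_salt"], f["user_prefix"]))
    print("differs from auth hash:", anon != derive_auth_hash("constructed-pw", f["user_salt"]))
    print("wrong guess rejected:",
          not guess_matches(anon, "other-pw", f["user_salt"], f["user_prefix"]))
```

Because this ID depends on the password, a password change yields a new ID unless the rows are re-keyed while the user is logged in.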