Hugo Ahlenius wrote:
>
> I actually had in mind an unlimited parent/child relationships in
> the groups. So that the super-parent would be the "Admin" group,
> that all other groups are derived from, like "superusers" inherit
> the rights from the admin group, but with rights X,Y & Z revoked.
> And the "regular users group" is a child of the "superusers" group,
> etc.
You do realize this is a "fail open" model? I.e., if somehing goes
wrong the user defaults to being Admin, instead of being nobody. Most
security systems are designed as "fail close" systems.
Jochem
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
- ACL database design Hugo Ahlenius
- Re: ACL database design brob
- RE: ACL database design Hugo Ahlenius
- Re: ACL database design brob
- Re: ACL database design Jochem van Dieten
- Re: ACL database design brob
- Re: ACL database design Jochem van Dieten
- Re: ACL database design brob
- Re: ACL database design Jochem van Dieten
- RE: ACL database design Hugo Ahlenius
- RE: ACL database design Hugo Ahlenius
- RE: ACL database design Jochem van Dieten
- Re: ACL database design Geoff Bowers