Hello, I am in the position where I need row level user access, this is crucial in my current project. I know this has been discussed before and the answer has been "use views when they become availble". But views would still allow the "root" user access to the complete table, wouldnt it? I would like to lock rows to certain user and not let anyone else see them, not even the root user.
I have been thinking about using heap tables or trying to supply each user/group with their own dynamically created tables. But I always come to the conclusion that I am hacking away at something I do not fully understand and that I cannot guaranty that the end result will have the security I claim.
Is this possible in MySQL? Does anyone know if it cab be performed with other RDBMS?
How many users do you have? If fewer than 10, why not just create 10 different tables and put a different user password on each?
How are they accessing this information? If it is through a program that you've written, then all you need to do is wrap an AND clause around each Where clause that gets constructed.
Example:
Select * from table1 where date > = '2004-01-01'
becomes
Select * from table1 where (date > = '2004-01-01') and useridcol = LoginId
So you add "( )" around the existing where clause, and add "AND useridcol = LoginId" to the end of each of these WHERE clauses. Each of these user tables has a UserIdCol which can be an ENUM (or SET if more than 1 user can see it) and LoginId is the user id that was used to log into your program with. All of the database passwords are handled by your program and you don't give out any MySQL passwords to your users. This prevents the users from accessing the database unless it is through your program.
Mike
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
