Hi all, I'm wondering about row level privilages - being able to restrict what people see and can update etc on a row level as well as a column/table level.
I know that I can implement it in my program (which is what I'm currently doing) but unless it's in the backend db then every program that is written to work with the data must also include it and it doesn't protect against people using a client to connect directly and make changes or view data they shouldn't see. The only other way I've thought of is to have all of the programs go through middleware sort of thing that implements this and then accesses mysql using it's own login so that no one has direct access to mysql, but it is messy and means that much of the built in security in mysql would need to be duplicated by the middleware, and it would probably be slow etc etc. So, anyone got any ideas about how you'd best go about this? Will triggers/ store proceedures help (or does it need to be in the engine of the database to really work)? Any thoughts appreciated, cheers, noel --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
