Danny Stolle wrote:
hi,
i would like to discuss 'user management' in mysql. Working with Oracle
you can assign users to roles giving them privileges provided by that
role. MySql doesn't have Roles. I have read (Managing and Using MySql,
O'Reilly) 3 options on managing users having multiple ro
should only be able to see my own employee data or some
parts of the data for people reporting to me.} Direct access via SQL
would be extremely limited.
-Original Message-
From: Danny Stolle [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 14, 2005 2:05 PM
To: [EMAIL PROTECTED]; mysql@lists.my
Danny,
>that is an interesting formulation which you gave. can you
please comment
>that with an example? would you create roles for users who are
assigned the
>same privileges and individual users who have multiple roles?
In this fragment from an example, a role has a name (roles.name), eg
Danny Stolle <[EMAIL PROTECTED]> writes:
[...]
> 3. Create multiple user IDs for each role played by each user
> (dannys_arch as an architect, dannys_dev as a developer).
An interesting argument in favor of the much maligned "option 3" is
that it allows users to select which of their privileges
Peter,
that is an interesting formulation which you gave. can you please
comment that with an example? would you create roles for users who are
assigned the same privileges and individual users who have multiple roles?
Best Regards,
Danny Stolle
Netherlands
Peter Brawley wrote:
Danny
/>1.
George,
from a MySql point of view, how would you deal with security on a site?
would you than create individual users?
Best Regards,
Danny Stolle
EmoeSoft, Netherlands
[EMAIL PROTECTED] wrote:
Danny,
My 2 cents (American dollars): From a security standpoint (if you are a financial instit
ber of roles?
Kevin Struckhoff
Customer Analytics Mgr.
NewRoads West
Office 818.253.3819 Fax 818.834.8843
[EMAIL PROTECTED]
-Original Message-
From: Danny Stolle [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 14, 2005 11:12 AM
To: [EMAIL PROTECTED]; mysql@lists.mysql.com
Subject: Re: d
Danny,
My 2 cents (American dollars): From a security standpoint (if you are a
financial institution) you'd would never get away with #2 because there is no
audit trail with multiple users using a "generic" user id.
The MySQL implementation of security is not implemented with auditing and
Danny
>1. Giving the user a Single user ID and assign the privileges to
that user ID
>2. Create role-bases users and have different people share the same
user ID
>for a given role.
>3. Create multiple user IDs for each role played by each user
(dannys_arch
>as an architect, dannys_dev as a
18.253.3819 Fax 818.834.8843
[EMAIL PROTECTED]
-Original Message-
From: Danny Stolle [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 14, 2005 11:12 AM
To: [EMAIL PROTECTED]; mysql@lists.mysql.com
Subject: Re: discuss: user management
Hi Kevin,
yes it is a complex matter, i agree completely
Hi Kevin,
yes it is a complex matter, i agree completely. but how would you plan
this as a dba or the person involved on administrating MySql. For
instance: You would choose option 2 as the preferable one. But what
would you do if somebody would change its role or that the person would
get ot
11 matches
Mail list logo
