Danny Stolle <d.stolle@stripped> writes:
> 3. Create multiple user IDs for each role played by each user
> (dannys_arch as an architect, dannys_dev as a developer).
An interesting argument in favor of the much maligned "option 3" is
that it allows users to select which of their privileges they want for
a particular task. For example, even if you have developer privileges
which allow you to delete tables, you may want to log in as
"dannys_search" if you're testing a program or using a GUI frontend,
to avoid accidentally damaging anything.
I often use a technique like this when doing Web development; I'll
create a "cust_select" for use in scripts that should only be reading
the data, and a "cust_update" for scripts that should be updating.
That way bugs in one script don't allow it to do too much damage.
This is in general good security practice, much like only logging in
as root when you need to.
If you choose this route, I think you could manage it by maintaining
your own tables with usernames and roles, then generating the actual
MySQL user table. Your frontends could handle automatically appending
the appropriate role. Even if you decide on a more traditional RBAC
system, this still might be a useful technique.
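Added example (not from the original thread): a small generator that turns an application-side (user, role) table into per-role MySQL accounts such as cust_select and cust_update, each granted only the privileges its role needs; the database name, host, role names and privilege sets are constructed sample values, and passwords are assumed to be set separately from a secret store.

```python
"""Generate least-privilege MySQL accounts from an application's own role table."""
import re
from typing import Dict, List, Tuple

# Constructed sample: privileges per role, mirroring the select/update split above.
ROLE_PRIVS: Dict[str, Tuple[str, ...]] = {
    "select": ("SELECT",),
    "update": ("SELECT", "INSERT", "UPDATE"),
    "dev": ("SELECT", "INSERT", "UPDATE", "DELETE", "CREATE", "DROP"),
}

# Constructed sample: the application's (user, role) assignments.
USER_ROLES: List[Tuple[str, str]] = [
    ("cust", "select"),
    ("cust", "update"),
    ("dannys", "dev"),
]

# Only plain names are accepted, so nothing needs escaping inside the quoted account.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9_]+$")


def quote_ident(name: str) -> str:
    """Backtick-quote a MySQL identifier, doubling embedded backticks."""
    return "`" + name.replace("`", "``") + "`"


def account_name(user: str, role: str) -> str:
    """Derive the per-role login (e.g. cust_select); reject unsafe names."""
    acct = f"{user}_{role}"
    if not _SAFE_NAME.match(acct):
        raise ValueError(f"unsafe account name: {acct!r}")
    return acct


def grant_statements(db: str, host: str = "localhost") -> List[str]:
    """Emit CREATE USER / GRANT statements, one account per (user, role) pair.
    Passwords are intentionally not embedded; apply ALTER USER ... IDENTIFIED BY
    from a secret store after creation."""
    stmts: List[str] = []
    for user, role in USER_ROLES:
        who = f"'{account_name(user, role)}'@'{host}'"
        privs = ", ".join(ROLE_PRIVS[role])
        stmts.append(f"CREATE USER IF NOT EXISTS {who};")
        stmts.append(f"GRANT {privs} ON {quote_ident(db)}.* TO {who};")
    return stmts


def accounts_with(priv: str) -> List[str]:
    """Audit helper: which generated accounts hold a given privilege (e.g. DROP)."""
    return [account_name(u, r) for u, r in USER_ROLES if priv in ROLE_PRIVS[r]]


if __name__ == "__main__":
    print("\n".join(grant_statements("shop")))
    print("accounts that can DROP:", accounts_with("DROP"))
```

Running `accounts_with("DROP")` before applying the output is the quick check that only the intended developer account can destroy tables.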