List:General Discussion« Previous MessageNext Message »
From:Martin Ramsch Date:July 6 1999 2:56am
Subject:Re: more selective column privileges?
View as plain text  
On Di, 1999-07-06 02:07:17 +0200, Benjamin Pflugmann wrote:
> >   My rationale is that I'd like to have a kind of an "access right" to
> >   the password field while denying read access of the whole column.
> 
> Hm. Correct me, if I am wrong, but you would just make it a little bit
> harder to find out the value of password, but it is still relatively
> easy.

Hi Benjamin, that's definitely true, and I'm aware of it! :)

> With this kind of access restriction you can figure out the
> value of a password field by doing some selects. Or did I miss your
> point and the purpose of your suggestion is security by obscurity?

Well, I wouldn't call it "security" ... but basically, yes.  Just
blocking the obvious ways to get the password list.

Such an 'access only right' (in comparison to select right) would make
more sense securitywise if such access-only fields were restricted to
be used for example only in equality comparisons.

Anyway, Monty already answered me:
| Sorry no; There isn't any such access right.  One could add this,
| but it wouldn't be really trivial...

And for the actual problem that I had (authentification in phpMyAdmin)
I found a better and really secure solution.

Regards,
  Martin
-- 
Martin Ramsch <m.ramsch@stripped> <URL: http://home.pages.de/~ramsch/ >
PGP KeyID=0xE8EF4F75 FiPr=52 44 5E F3 B0 B1 38 26  E4 EC 80 58 7B 31 3A D7

Attachment: [application/pgp-signature]
Thread
more selective column privileges?Martin Ramsch4 Jul
  • Re: more selective column privileges?Benjamin Pflugmann6 Jul
    • Re: more selective column privileges?Martin Ramsch6 Jul
  • Re: more selective column privileges?Sasha Pachev6 Jul