On Monday 22 December 2003 09:37, Denis wrote:
> Hi Richard..
>
> If your users are required to fire only SELECT and no DML, you can do the
> following:
>
> BEGIN;
> execute the statements given by user
> ROLLBACK;
>
> This will not affect your SELECT and also if any malicious user gives
> DELETE statement, that will not have any impact too..
An interesting idea, though you'd need to be careful with side-effects
(triggers/functions etc). I seem to recall a "read-only" setting being
discussed for transactions too (though not as a security measure, I should
emphasise).
The other thing is to use the database user/group mechanism - something which
tends to be neglected with web-based apps (partly because different DBs have
different setups here).
If only an application super-user can add/delete users make sure the
permissions reflect this and connect as a more restricted user for other
logins.
-- Richard Huxton Archonet Ltd
