Hi list,
If I give column rights to a user, I can't use a general view for him, which
is normal.
I read a lot about DBs and some specialists say that I must not give
direct data (table) access to users but always through a view.
Are they right? (meaning I must have as much views as users - and how
can I do that, where to put them, shall I generate them on-ze-fly,...?),
or are they wrong (meaning I only have to recover user's rights at
connection and build my queries accordingly directly toward tables)?
Whatever the complexity, security is the master word here.
JY
--
A sine curve goes off to infinity, or at least the end of the blackboard.
-- Prof. Steiner
