Golden Liu wrote:
> 3. Before evaluating a SQL command, check column-level privilege.
> This is done AFTER checking table-level privilege. As I mentioned
> before, if table-level privilege is granted, it's not necessary to
> check column-level privilege.
Golden, this sounds good. I'm just a user.
It sounds like table || column is the check, so table implies all of
columns. ie, revoking a column permission does nothing unless TABLE
permission is also revoked.
It also might be nice to specify some of the failure / usage modes.
ie, how does "SELECT * FROM Students" work if I don't have permission to
a column. Return all values except for forbidden ones? How does "SELECT
ForbiddenColumn FROM Students" work.
For INSERTS, they probably need to fail if you don't have permission to
non-null columns. What about columns with default values? Are inserts
permitted if you don't have permission to a column with default values?
Do you have a project page up somewhere? I wouldn't mind helping with
some of the documentation for example.
Good luck!
- August
