Thread

  1. Re: [HACKERS] Here it is - view permissions]

    Zeugswetter Andreas IZ5 <andreas.zeugswetter@telecom.at> — 1998-02-23T17:23:03Z

    >> > > Why does views default to 'select' permission for 'public'?
    >> > > I think most people will never think of the possibility that others
    >> > > will be able to SELECT their data through views.
    >> > > Should not 'create view' at least print a NOTICE about this?
    >> > 
    >> > 	Considering how much security we are putting around everything
    >> > else, is it unreasonably to have both 'create view'/'create table'
    default
    >> > to 'revoke all' to public, and 'grant all' to owner?
    >> 
    >> Most commercial databases don't do this.
    >
    >	Well, just checked with Wayne (My Oracle Guru) and in Oracle,
    >everything is private by default, and you open it up as required/desired
    >to other ppl...
    
    Hate to say this, but ANSI says the default has to be no rigths for public.
    Informix has a separate config parameter to enforce this. I use this
    parameter. (NODEFDAC=yes)
    I still think this is a non issue, since the paranoid under us (like myself
    on sensitive data) will always
    revoke all on <new table> from public; first thing after the create table
    just to be sure.
    
    Andreas