Home » RDBMS Server » Security » False Positive Responsibilities
False Positive Responsibilities [message #305687] Tue, 11 March 2008 09:51 Go to next message
kuchend
Messages: 3
Registered: March 2008
Junior Member
In our environment, we have MANY responsibilities which are labled as "query only," "inquiry," or "view only." We are wanting to determine the most efficient way to test these responsibilities so we can without a doubt say that they are truly query only and provide no ability to write/update. What are your experiences, comments, and solutions regarding this situation?
Re: False Positive Responsibilities [message #305690 is a reply to message #305687] Tue, 11 March 2008 09:53 Go to previous messageGo to next message
Michel Cadot
Messages: 68625
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator
Privileges and roles are made for that.
Just give the privileges required by the tasks and no more then you are sure that you don't exceed them.

Regards
Michel
Re: False Positive Responsibilities [message #305692 is a reply to message #305690] Tue, 11 March 2008 09:56 Go to previous messageGo to next message
kuchend
Messages: 3
Registered: March 2008
Junior Member
Well the problem there is that our environment is so large that we cannot just restrict the responsibilities as we might lose a critical function for hundreds of people. If one were to look at the code for a Form related to a responsibility, would we be able to cover all our bases and determine if the responsibility were query only?
Re: False Positive Responsibilities [message #305693 is a reply to message #305690] Tue, 11 March 2008 09:58 Go to previous message
kuchend
Messages: 3
Registered: March 2008
Junior Member
and we are talking about responsibilities with hundreds of functions attached to them which would be very time consuming to manually test.
Previous Topic: Could the default maximum password length be changed ??
Next Topic: Passing 160 characters via client id or some other means?
Goto Forum:
  


Current Time: Thu Mar 28 15:24:47 CDT 2024