permissions:setuid

Q. I have a schema similar to the following:

member
|— id
|— display name
|— picture

member_role
|— id (1, 2, 3, 4)
|— description (admin, author, user, guest)

member_account
|— id
|— member_id (internally references member.id)
|— email
|— password
|— role_id (internally references member_role.id)

articles
|— id
|— title
|— body
|— author_id (internally references member.id)

function=accessTo:
- register=guest,
- login=guest,
- create_article=admin,author
- delete_article=admin,author
- view_article=admin,author,user
- delete_member=admin,current user

And I would like to limit what a member can access/execute as an additional internal security measure. Should I mix Tarantool access control with my own schema? (2018)

A. You can use setuid to protect access to your data.

Create your schema under user A. Create setuid functions that provide just the right access; a setuid function runs with the privileges of the user who created it (A), not those of the caller. Grant user B execute privileges on these functions. Do not set a password for user A, so that no one can authenticate as A. Set a password for user B.
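
The steps above as a Tarantool Lua console session. This is an added example, not part of the original answer: the user names A and B follow the answer, while the password placeholder, the `articles` layout and the two function names are assumptions based on the question's schema, and the `create` privilege assumes Tarantool 1.10 or later.

```lua
-- Run from the admin console after box.cfg{} (assumes Tarantool 1.10+).
-- The password, space layout and function names are constructed for this example.

-- User A owns the schema. No password is set, so nobody can authenticate as A.
box.schema.user.create('A', {if_not_exists = true})
box.schema.user.grant('A', 'read,write,create', 'universe', nil,
                      {if_not_exists = true})

-- User B is the account clients log in with; it gets no rights on any space.
box.schema.user.create('B', {password = 'CHANGE_ME', if_not_exists = true})

-- Functions callable by name must be globals.
function view_article(id)
    return box.space.articles:get(id)
end

function create_article(id, title, body, author_id)
    if type(title) ~= 'string' or type(body) ~= 'string' then
        error('title and body must be strings')
    end
    return box.space.articles:insert({id, title, body, author_id})
end

-- Create the space and register the functions while acting as A, so A is
-- their owner and the setuid functions run with A's privileges.
box.session.su('A', function()
    local articles = box.schema.space.create('articles', {if_not_exists = true})
    articles:create_index('primary',
                          {parts = {1, 'unsigned'}, if_not_exists = true})
    box.schema.func.create('view_article',
                           {setuid = true, if_not_exists = true})
    box.schema.func.create('create_article',
                           {setuid = true, if_not_exists = true})
end)

-- B may only execute the two functions.
for _, name in ipairs({'view_article', 'create_article'}) do
    box.schema.user.grant('B', 'execute', 'function', name,
                          {if_not_exists = true})
end
```

A client that connects as B can call `view_article` and `create_article`, while direct requests against the `articles` space are rejected because B holds no privileges on it.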

permissions/setuid.txt · Last modified: 2018/05/25 22:44 by eabates