-
Hi,
I have come across sites that differentiate schema owner from application owner. What is the benefit for implementing such a security model.
I have tried searching the technet site but did not find any papers or documentaion. Any feedback will be appreciated.
MS
-
Perhaps you are referring to the application connecting as a different user than actually owns the tables or schema?
Makes sense. Then you can just grant the necessary table and procedure priviledges to the APP_USER. That way the application cannot drop tables or mess with your DB in ways you do not want it to.
Is that what you are referring to?
- Magnus
-
Hi Jgmagnus:
That's exactly correct.
But what if the app requires on the fly d/b object creation (say a form based application) where the user can design his own form and have the data stored in a table. Is there a way to control that ?
MS
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|