Kbase 19012: Difference in permissions in v9 when using dynamic queries
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
04/08/1999 |
|
Difference in permissions in v9 when using dynamic queries
DRAFT COPY - Currently under review and edit.
Prior to version 9 users could run compiled programs that allowed them
access to data which they did not have at the data security level, ho
wever with the arrival of dynamic queries in v9 this means that users
may not be able to run the compiled programs as before.
For example:
Prior to v9.
User1 has full access to the customer table, user2 cannot read the tab
le. Thus user2 cannot run a procedure that tries to read the customer
table. However if user1 compiles a procedure which reads the customer
table then user2 can run the .r with no error.
This is documented in the System Admin Guide, pg 7-12 (1997) - Compile
-time Security.
v9.
Again assuming that user1 has full access to customer whilst user2 can
not read the customer table.
The problem now is that user2 could have problems with the following p
rogram:
/* query.p */
DEF VAR i AS INT.
DEF VAR qh AS HANDLE. /* query handle */
DEF VAR bh AS HANDLE. /* buffer handle */
DEF VAR fh AS HANDLE EXTENT 100. /* buffer-field handle */
DEF VAR tab-name AS CHAR LABEL 'Table name'
INIT 'Customer'.
UPDATE tab-name.
CREATE BUFFER bh FOR TABLE tab-name. /* create a buffer for the
table */
CREATE QUERY qh. /* create a query
*/
qh:SET-BUFFERS(bh). /* attache the buffer to th
e query */
qh:QUERY-PREPARE("for each " + tab-name). /* prepare the query
*/
qh:QUERY-OPEN. /* open the query
*/
qh:GET-FIRST. /* get the first record
*/
DISPLAY bh:name. /* display the buffer table
name */
REPEAT WHILE bh:AVAILABLE AND LASTKEY <> KEYCODE("ESC") :
REPEAT i = 1 TO bh:NUM-FIELDS :
fh[i] = bh:BUFFER-FIELD(i).
DISPLAY fh[i]:NAME STRING(fh[i]:BUFFER-VALUE) FORMAT "x(40)".
END.
qh:GET-NEXT.
END.
DELETE WIDGET bh.
/* End of Procedure */
This allows the user to select the table they want to view at run-time
so even if this file is compiled and user2 then runs the .r file, if
they choose the customer table they will get errors:
** Insufficient access privilege for table Customer. (234).