Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 23590 invoked from network); 6 Jun 2010 17:20:17 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 6 Jun 2010 17:20:17 -0000 Received: (qmail 71412 invoked by uid 500); 6 Jun 2010 17:20:17 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 71378 invoked by uid 500); 6 Jun 2010 17:20:16 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 71371 invoked by uid 99); 6 Jun 2010 17:20:16 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 06 Jun 2010 17:20:16 +0000 X-ASF-Spam-Status: No, hits=-1501.3 required=10.0 tests=ALL_TRUSTED,AWL X-Spam-Check-By: apache.org Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 06 Jun 2010 17:20:16 +0000 Received: from thor (localhost [127.0.0.1]) by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id o56HJtoQ004852 for ; Sun, 6 Jun 2010 17:19:56 GMT Message-ID: <30056644.207021275844795940.JavaMail.jira@thor> Date: Sun, 6 Jun 2010 13:19:55 -0400 (EDT) From: "Dag H. Wanvik (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Updated: (DERBY-4551) Allow database user to execute stored procedures with same permissions as database owner and/or routine definer In-Reply-To: <1760926860.327031266376467896.JavaMail.jira@brutus.apache.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/DERBY-4551?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dag H. Wanvik updated DERBY-4551: --------------------------------- Attachment: (was: definers_rights.html) > Allow database user to execute stored procedures with same permissions as database owner and/or routine definer > --------------------------------------------------------------------------------------------------------------- > > Key: DERBY-4551 > URL: https://issues.apache.org/jira/browse/DERBY-4551 > Project: Derby > Issue Type: Improvement > Components: SQL > Affects Versions: 10.5.3.0 > Reporter: Tushar Kale > Assignee: Dag H. Wanvik > Attachments: definers_rights.html, definers_rights.html, definers_rights.html, definers_rights.html, definers_rights.html, definers_rights.html, definers_rights.html, definers_rights_typos-1.diff, derby-4551-1.diff, derby-4551-1.stat, derby-4551-1.txt, derby-4551-2.diff, derby-4551-2.stat, derby-4551-3.diff, derby-4551-3.stat, derby-4551-3b.diff, derby-4551-3b.stat > > > Curretnly there is no way to hide data and database structure in embedded derby from the end user. > One way to accomplish the above requirement is as follows: > 1. Create encrypted database so data is protected > 2. Enable authentication and sql authorization in database > 3. Create two users, dbUser and dbOwner > 4. Store application logic as stored procedure in the databse so dbUser does not know what tables are accecced by the application logic, thus hiding table structure > 5. Revoke select permission from dbUser so he cannot describe tables thus protecting table structures > 6. Give only Execute permissions on stored procedures to dbUser > The above steps will ensure that data and data structure is hidden when application is delivered to end user. > The problem is, if user does not have select permission, the stored procedures will not execute. So I am requesting the following enhancement to Derby: > If dbOwner has given Execure permission to stored procecure to a dbUser, then allow stored procedure to execute even if the dbUser has no select permission. > In otherwords, When dbUser calls stored procedure, database will use dbOwners authorization to execute stored procedure rather than dbUsers. > This may be implemented by creating new permission called RunAsDbOwner. > DbOwner can then grant permission to dbUser to execute a stored procedure with RunAsDbOwner. > If this is implemented, applications can be created which will truely hide the database structure and data from end users. Database will behave as a blackbox with only in/out data exposed in stored procedures. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.