Schema

[Derek Atkins]

Patrick Spinler <spinler.patrick@mayo.edu> writes:

[snip]
> For the server and client on the same machine, this method provides a
> reasonable expectation of privacy for the database - file protections
> stop raw access to the file, and database user auth'ing stops people
> running a database engine against it.

I think we'll need to support multiple authentication schemes.  For
standalone (single-user, single-host) installations, we can easily use
local OS authentication.  We can (usually) trust the OS to correctly
process authentication between various processes.  For example, you
can guarantee that a user can correctly access a local file system
based soley on their OS login.

However, down the road, when we create a networked system, it will be
absolutely required that we (GnuCash) maintain our own
"authentication" system outside the Database.  This may still use
username/password, or it may be based on a real network authentication
system (Kerberos, PKI, etc).  At this point, there would be some sort
of middleware that sits between the network interface and the
Database.  In this situation, we'd need to map between authentication
ID and database access.

> For a first implementation this is probably okay, since people on this
> list are talking about using an embedded or "sandboxed" database that
> would be under complete control of the application, and transparent to
> the user.

Agreed.  External authentication is more for the longer-term.

> -- Pat

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available