On Thu, 2004-04-29 at 18:57 +0200, Joolz wrote:
>
> I have to think about it long and hard :-), the extra "layer" makes
> things more secure, I would only have to register username (for
> auditing purposes) plus the "role" in session variables, which could
> be md5()'d. Still, the extra layer is from a logical point of view
> redundant and thus error-prone.
>
> Still, it might be a good idea. If anyone cares to share their opinion
> on the matter (or discuss how you handled this), TIA!

For myself, I handle security roughly as follows:

Password is stored as a salted md5, which means that two users with the same password have different on-disk records of it.

Logged in user gets a session cookie which is an md5 of random data plus a session id. The session id is looked up, and the random data (which is only known server-side) is validated. Of course the session id is predictable, but the random data is not.

I use a general user-id to access the database, rather than database users and permissions. I generally find that the database permissions model is not a good fit to the permissions I want for my website.

Hope this is of interest,

Andrew McMillan.

-------------------------------------------------------------------------
Andrew @ Catalyst .Net .NZ Ltd, PO Box 11-053, Manners St, Wellington
WEB: http://catalyst.net.nz/ PHYS: Level 2, 150-154 Willis St
DDI: +64(4)916-7201 MOB: +64(21)635-694 OFFICE: +64(4)499-2267
-------------------------------------------------------------------------
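The scheme described in the message above, sketched as an added example that is not part of the original post and is not the poster's code. Assumptions: the cookie format "id:token", the in-memory SESSIONS table and all function names are hypothetical, and PBKDF2-SHA256 and SHA-256 are swapped in where the post uses md5.

```python
import hashlib
import hmac
import secrets

SESSIONS = {}  # hypothetical stand-in for the server-side session table
_last_sid = 0

def hash_password(password, salt=None):
    """Salted record: the same password under a different salt differs on disk."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt, digest

def verify_password(password, salt, digest):
    return hmac.compare_digest(hash_password(password, salt)[1], digest)

def _token(secret, sid):
    return hashlib.sha256(secret + str(sid).encode()).hexdigest()

def create_session(username, role):
    """Create a server-side session and return the cookie value "id:token"."""
    global _last_sid
    _last_sid += 1                      # predictable counter, as in the post
    secret = secrets.token_bytes(32)    # unpredictable, never sent to the client
    SESSIONS[_last_sid] = {"secret": secret, "user": username, "role": role}
    return f"{_last_sid}:{_token(secret, _last_sid)}"

def validate_cookie(cookie):
    """Return (user, role) for a valid cookie, else None."""
    sid_text, sep, token = cookie.partition(":")
    if not sep or not (sid_text.isascii() and sid_text.isdigit()) or len(sid_text) > 18:
        return None
    session = SESSIONS.get(int(sid_text))
    if session is None:
        return None
    expected = _token(session["secret"], int(sid_text))
    # Constant-time comparison; encode so non-ASCII input cannot raise.
    if not hmac.compare_digest(expected.encode(), token.encode("utf-8", "replace")):
        return None
    return session["user"], session["role"]
```

The username and role are read from the server-side record, so the client only ever holds the session id and the token.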