[nycphp-talk] Not-so-subtle attack on PHP

Kenneth Downs ken at secdat.com
Fri Sep 28 16:38:09 EDT 2007


John Campbell wrote:
> On 9/28/07, Kenneth Downs <ken at secdat.com> wrote:
>
>> I will claim that putting security
>> directly into the database is better than any other way because it does what
>> is needed in the end with the least possible work.
>
> I must be missing something.  Take a simple social networking
> scenario: A user can only see another user's complete profile if and
> only if they are mutual friends.  Implementing that in the tables
> would be a huge pain in the ass and incur a big performance penalty.
> Is there some super easy way to implement this that I am missing?

No matter how you do it, you have to define it first.  Your rules, in 
English, roughly, are:

1) A user can see his own profile
2) A user can see his friends' profiles

Translated into database terms:

1) A user can see row(s) in the profiles table where the user_id column 
matches his
2) A user can see row(s) in the profiles table if the user_id matches a 
cross-reference that lists him and the target user.

If you want public/private profiles you repeat the same process for 
defining column-by-column access. As I've said many times in this 
thread, it will all come down to database definitions in the end, so the 
real question is about the easiest way to implement the most reliable 
approach.

The Andromeda definition would be something like this:

table profiles:
    column user_id:
       primary_key: "Y"
       # Supergods can see any row, but....
       group supergods:
          permrow: "N"
       # ...group "general" only sees rows where this
       #    column matches their user_id
       group general:
          permrow: "Y"
       # ...any member of the group friends can see
       #    a row here if they are on the left side
       #    of friends x-ref table
       group friends:
          permrow_table: friends

    column name:
    column address:
    column city:
    ....etc....

#  This is the cross-reference of friends
table friends:
    foreign_key profiles:
       suffix: _1
    foreign_key profiles:
       suffix: _2


Now that it's defined, the question is what is the easiest way to 
implement it?  If the server can do it for you then you have no more 
work to do.  That's why I wrote Andromeda and that's what Andromeda does 
for me.   But I don't do social networking sites -- I wish I had 
something that simple!


-- 
Kenneth Downs
Secure Data Software, Inc.
www.secdat.com    www.andromeda-project.org
631-689-7200   Fax: 631-689-0527
cell: 631-379-0010
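The two rules in the post above (a user sees his own profile row, and any row whose user appears with him in the friends cross-reference), carried into a plain SQL schema with a view that enforces them inside the database. This is an added example, not code from the original post and not Andromeda's own output; it uses Python's sqlite3 so it runs offline, stands in a hypothetical one-row `app_session` table for a real server's session user, fills in constructed sample profiles and friendships, and treats the cross-reference as symmetric (a row listing the pair in either order counts), which goes slightly beyond the definition in the post.

```python
import sqlite3

# Constructed sample data (not from the mailing list post).
PROFILES = [
    (1, "alice", "NYC"),
    (2, "bob", "Boston"),
    (3, "carol", "Chicago"),
    (4, "dave", "Denver"),
]
# One row per friendship; the pair may be stored in either order.
FRIENDS = [
    (1, 2),   # alice <-> bob
    (3, 1),   # carol <-> alice
    (2, 4),   # bob <-> dave
]

SCHEMA = """
CREATE TABLE profiles (
    user_id INTEGER PRIMARY KEY,
    name    TEXT NOT NULL,
    city    TEXT
);
-- Cross-reference of friends, as in the post's "friends" table.
CREATE TABLE friends (
    user_id_1 INTEGER NOT NULL REFERENCES profiles(user_id),
    user_id_2 INTEGER NOT NULL REFERENCES profiles(user_id),
    PRIMARY KEY (user_id_1, user_id_2),
    CHECK (user_id_1 <> user_id_2)
);
-- Hypothetical stand-in for "who is logged in"; a real RDBMS would
-- use its own session user / role machinery instead of a table.
CREATE TABLE app_session (user_id INTEGER NOT NULL);
-- Rule 1: the row whose user_id matches the session user.
-- Rule 2: any row whose user is listed with the session user in friends.
-- If app_session is empty the view returns nothing (fails closed).
CREATE VIEW visible_profiles AS
SELECT p.user_id, p.name, p.city
FROM profiles p, app_session s
WHERE p.user_id = s.user_id
   OR EXISTS (SELECT 1 FROM friends f
              WHERE (f.user_id_1 = s.user_id AND f.user_id_2 = p.user_id)
                 OR (f.user_id_2 = s.user_id AND f.user_id_1 = p.user_id));
"""


def open_db():
    """Fresh in-memory database loaded with the schema and sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO profiles VALUES (?, ?, ?)", PROFILES)
    conn.executemany("INSERT INTO friends VALUES (?, ?)", FRIENDS)
    return conn


def set_session_user(conn, user_id):
    """Record the current user; this is the only thing the app must get right."""
    conn.execute("DELETE FROM app_session")
    conn.execute("INSERT INTO app_session VALUES (?)", (user_id,))


def visible_profile_ids(conn, viewer_id):
    """All profile ids the viewer may see, in ascending order."""
    set_session_user(conn, viewer_id)
    rows = conn.execute(
        "SELECT user_id FROM visible_profiles ORDER BY user_id").fetchall()
    return [r[0] for r in rows]


def lookup_profile(conn, viewer_id, target_id):
    """A single profile, or None if the database rule hides it from the viewer.
    Note the application query carries no access-control WHERE clause."""
    set_session_user(conn, viewer_id)
    return conn.execute(
        "SELECT user_id, name, city FROM visible_profiles WHERE user_id = ?",
        (target_id,)).fetchone()


if __name__ == "__main__":
    db = open_db()
    for viewer in (1, 2, 3, 4, 5):
        print(viewer, "sees", visible_profile_ids(db, viewer))
    print("dave looking at alice:", lookup_profile(db, 4, 1))
```

Application code only ever selects from `visible_profiles`; the two English rules live in one place, the view definition, and a viewer with no profile row or no friendships (user 5 above) gets an empty result rather than an error path the application has to remember to handle.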
