* Simon Riggs ([EMAIL PROTECTED]) wrote: > Perhaps we should be implementing "extended privileges" by using one > additional bit to mean "has extended privilege list". We presumably want > to implement column level privileges, plus you raise interesting > thoughts about fine grained security access controls for certain > operations, so an extension mechanism seems like the way to go.
I disagree and feel that my now rather ancient proposal is still better-
split the "permission" bits and the "grantable" bits into two seperate
32bit integers. That has the advantage of doubleing the number of
available bits while also splitting up the frequently used bits
("permission" bits) from the much, much, much less frequently used bits
("grantable" bits).
Of course, the last time this went around the argument was that we
shouldn't add alot of extra code until we actually needed to, while at
the same time we shouldn't use up the few remaining bits we have. The
fact that this makes for an impossible situation seems to have been
lost.
Thanks,
Stephen
signature.asc
Description: Digital signature
