[AccessD] Cascade-delete (was: Estimating Help)

Gustav Brock gustav at cactus.dk
Sun Feb 9 03:42:01 CST 2003


Hi John

> From that point on, I made a conscious effort to at least evaluate what
> power I was giving my users, and make a conscious effort to prevent them
> from doing things they were not authorized to do.

As a general note, it's the responsibility of a trusted user to not
pass his/her access to an application to another user granted lower
rights to that application and its data.

Applying this to your case, as a user you failed, as the developer you
were not to be blamed.

Of course, today you could let the application request the user to
(re)authorize by touching a fingerprint reader each time before a
critical task was to be performed. And so on ... ultimately the
keyboard itself should be capable of real time scanning the user's 
fingerprint. 

/gustav




More information about the AccessD mailing list