[AccessD] Cascade-delete (was: Estimating Help)

John W. Colby jcolby at colbyconsulting.com
Sun Feb 9 12:56:00 CST 2003 

What you are trying very hard to ignore is that the car can be stolen, that
the car can be legally borrowed by someone not intimately familiar with the
way it operates etc.

I make no argument that turning off cascade delete magically locks up an
application, it doesn't.  However it does, absolutely and 100% effectively
prevent a clueless person from ripping thousands of records out of the db
with a single keystroke.  Your application is NOT the only way to get at the
data.  If it were your arguments might hold more water.  As it is, they leak
like a sieve.

John W. Colby
Colby Consulting
www.ColbyConsulting.com

-----Original Message-----
From: accessd-admin at databaseadvisors.com
[mailto:accessd-admin at databaseadvisors.com]On Behalf Of Gustav Brock
Sent: Sunday, February 09, 2003 1:43 PM
To: John W. Colby
Subject: Re: [AccessD] Cascade-delete (was: Estimating Help)


Hi John

>>As a general note, it's the responsibility of a trusted user to not pass
>>his/her access to an application to another user granted lower
>>rights to that application and its data.

> That's about like the car company saying "it's the responsibility of the
> driver not to have an accident", when faced with liability for not
providing
> safety mechanisms.  Absolutely true, but completely irrelevant.

No it's not like that. It's like a father passing the car keys to his
twelve year old son. That's not the responsibility of the car
manufacturer.

As a user with admin rights you left your application free to use by a
non skilled user with no admin rights - no developer can prevent that
other than secure every single operation with some kind of
authorization like a request for a password or a fingerprint. Such a
system is relevant for applications launching nuclear fireworks and the
like but not for the daily work with business applications.

For specific and seldom operations, however, it can be OK; I have seen
an accounting application which asked you to type in D-E-L-E-T-E to
approve you really wanted to delete a financial year and all its data.

Reading Rocky's post on this, it's something like that he's talking
about.

/gustav

_______________________________________________
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list