Path: utzoo!utgpu!watmath!att!tut.cis.ohio-state.edu!gem.mps.ohio-state.edu!ginosko!uunet!mcvax!ukc!axion!vision!chris
From: chris@vision.UUCP (Chris Davies)
Newsgroups: comp.databases
Subject: Re: Informix Isql Protection
Keywords: user-menu
Message-ID: <532@piglet.vision.UUCP>
Date: 15 Aug 89 18:03:52 GMT
References: <4266@uhccux.uhcc.hawaii.edu>
Reply-To: chris@vision.UUCP (Chris Davies)
Organization: VisionWare Ltd., Leeds, UK
Lines: 46

In article <4266@uhccux.uhcc.hawaii.edu> richardj@uhccux.UUCP writes:
>  I am using Informix Isql on the unix for the first time. I have made a 
>  database which lists grades for students in a class. Students are Rows in all
>  tables in the database.  How do I limit access to just the row where the
>  the logged-in student's record is?  I don't want student to access other
>  student records.   

For *each student* you will have to create a view onto your main table as
follows:-

	create view FRED as select * from EVERYONE where NAME = "FRED";
	revoke all on FRED from public;
	grant select on FRED to UFRED

What this does is to create a view called FRED which has the single row
from the table EVERYONE (containing all the students' scores) corresponding
to the student named FRED.  Does this make sense to you?  Additionally it
lets only the user UFRED access the table (UFRED is a Unix username).

Secondly, you will have to set the table permissions *very* carefully:-

	revoke all on EVERYONE from public;
	grant connect to public;

Thirdly, ensure that all your students can actually get to the directory
	.dbs, but cannot read the contents (default
	protection in Unix Informix arranges this).

This assumes the following information:-
	Your table containing *all* the students' scores is called EVERYONE
	FRED is a student who has grades listed in your table
	NAME is a column in your table, EVERYONE, which holds the name of the
		student.
	UFRED is a valid Unix username, used only by the student called FRED.

		Hope this is of some help...
			Chris

-- 
VISIONWARE LTD           | UUCP:     chris@vision.uucp    (or try systime.UUCP)
Systime House            | or:       ...!mcvax!ukc!vision!chris
Leeds Business Park      |
Bruntcliffe Lane         | JANET:    chris%uk.co.vision@uk.ac.ukc
Morley, LEEDS LS27 0NH   |
England                  | VOICE:    +44 532 529292
----------------- "You call these opinons? Not Visionware's!" -----------------