Record-level Security in MySQL

[Guest_imported]

Can anyone tell me if it's possible to implement record-level security using MySQL? I'm looking at using it for a database in which I want a table of user data (e.g. name and address and so on) and I want each user to be able to alter his / her own data, but not have any access at all to other users' data.

Any advice would be gratefully received...

 

[rycamor]

If the users have 'native' access to MySQL, then this is not possible. In other words, if they have access to the MySQL command prompt, or to program PHP, Perl, etc... scripts directly to MySQL, then you cannot enforce any row-level security.

But, if this is an application where you are programming the front end, why not just have a password hash as one of the fields in the table? Just allow users to select from the table only those records which match their password login.

Otherwise, you will have to simply create a separate table for each user, if you really need security. -------------------------------------------

"Calculus is just the meaningless manipulation of higher symbols"
                          -unknown F student