From: <ja...@op...> - 2002-04-23 21:05:30
|
"Miller, Michael (Rosetta)" <Michael_Miller@Rosettabio.com> writes: > Owner is absolutely necessary for us, otherwise who decides who has > write/read permissions for an experiment? This can be synonymous > with the write group but quite often isn't. At one point in time, I agreed with you and thought owner was critical. But it started to become a silly 'exception to the rule'. All of our security checking looked at the write group to see if an action was allowed - *except* if the attributes being modified were the read_group or write_group then you look at the owner. It simplified things a lot just to allow anyone in the write_group to modify the data in any way. After all, if you trust them to modify the data, why not trust them to modify the priveleges? And after all, if a user modifies the priveleges in an unpopular way, you've got a DBA that can reverse it. jas. |