Friday, June 12, 2009

Crumbling MySQL Sandcastle

I'm going to have to take a moment and backpedal. I described the MySQL Sandcastle as an excellent construct for shared development against a large repository without stepping on the toes of fellow developers.

In theory this is excellent, and in practice it's proved rather useful especially where projects call for deviation of underlying structures which can be done in a relationally intact way by severing the link to the main repository. However, when it comes to actual permissions, the Merge table is not akin to a symlink which verifies the access rights to the underlying object: if you have access to the merge table, you have all of the corresponding access to the underlying tables regardless of whether the permissions have been granted. This means that UPDATE and DELETE operations intended to be constrained by the combination of structure and permissions are in fact freely available across the board: developers may perform these functions against the PSR (to re-use terminology).

Your mileage may definitely vary between "meh" and "dealbreaker", but it would be irresponsible of me not to disclose a minor leak in the tank.

No comments: