I'm trying to figure out how secure to make the passwords for an App. My thinking so far.
1. It occured to me that a clever user could just go into the password file and just copy the security level from a supervisor record into his/her own. Now s/he is a supervisor.
2. So I encrypt the security level - so what, s/he doesn't have to be able to read the rights, s/he just has to copy them.
3. So I create an extra field (maybe somekind of checksum for example) that verifies the value of the securitly level field. That way if the security level field is changed the App will fail because it doesn't match the extra field (obviously there would have to be more to the extra field so the user couldn't just copy it also).
4. So I create a row level validation for the table that fills in the extra field.
5. The user can get in just remove the row level validation rule in the dbc.
6. A clever user could open up the dbc and read the stored procedures in the dbc and figure out how to bypass security.
7. A clever user would probabley even know how to unencrypt the entire exe file.
I'm going crazy trying to anticipate all the ways that a clever user could get into the Users table and mess things up. If all s/he did was make it unusable, I wouldn't be so concerned, that's what backups are for. But if s/he is able to bypass the security without causing a crash......then what?
I'm almost reaching the conclusion to assume that a clever user is a supervisor and I don't need to protect against it.
Bill Morris