> > > > Other db's usually use a char array for priaction and don't have
> > > > priisgrantable, but code it into priaction. Or they use
> a bitfield.
> > > > This has the advantage of only producing one row per table.
> > >
> > > That's the price I'm willing to pay for abstraction,
> > > extensibility, and
> > > verifyability. But I'm open for better ideas.
> >
> > Imho this is an area that is extremly sensitive to performance,
> > the rights have to be checked for each access.
>
> Yes, but I believe that Peter's idea is good. System tables
> are used for
> each access not only for ACL, and performance problem is a problem for
> system cache not primary for privilege system.
Yes I totally agree, that the basic idea is great, all I am saying is, that
I would
1. gather more than one priviledge per table into one row (all of: select,
insert, update ...)
2. try to look at some existing table structure from one biggie db and see
if it fits
Andreas