Why not expose a primary key
Posted
by
Angelo Neuschitzer
on Programmers
See other posts from Programmers
or by Angelo Neuschitzer
Published on 2013-11-13T06:49:30Z
Indexed on
2013/11/13
10:11 UTC
Read the original article
Hit count: 348
In my education I have been told that it is a flawed idea to expose actual primary keys (not only DB keys, but all primary accessors) to the user.
I always thought it to be a security problem (because an attacker could attempt to read stuff not their own).
Now I have to check if the user is allowed to access anyway, so is there a different reason behind it?
Also, as my users have to access the data anyway I will need to have a public key for the outside world somewhere in between. Now that public key has the same problems as the primary key, doesn't it?
© Programmers or respective owner