Why not expose a primary key

Posted by Angelo Neuschitzer on Programmers See other posts from Programmers or by Angelo Neuschitzer
Published on 2013-11-13T06:49:30Z Indexed on 2013/11/13 10:11 UTC
Read the original article Hit count: 348

In my education I have been told that it is a flawed idea to expose actual primary keys (not only DB keys, but all primary accessors) to the user.

I always thought it to be a security problem (because an attacker could attempt to read stuff not their own).

Now I have to check if the user is allowed to access anyway, so is there a different reason behind it?

Also, as my users have to access the data anyway I will need to have a public key for the outside world somewhere in between. Now that public key has the same problems as the primary key, doesn't it?

© Programmers or respective owner

Related posts about security

Related posts about theory