minnieadkins

Using Bitflags To Restrict Site/page Permissions

My professor is designing a website that uses bit-flag checking to allow access to certain pages. You log in, validate login, and store their allowed bit flag into a session variable. Then you compare to see if they have access or not. It's fairly new to me, but it's apparently very common with Linux users. Sounds interesting to me, just wondering if anyone has used this, or is it a little too much for simple pages. His site, however, is going to be more of "software" for several users. Is it very secure and does it work well?

Edited by miCRoSCoPiC^eaRthLinG (see edit history)

It should be a very quick and convenient way of doing it - much simpler than referring to a database every time to check whether you've got access or not.

The most common way of fixing access permissions is to have a bunch of fields in the database, representing each screen - you just store 'Y' or 'N' in each field to set the access permission for that screen.

Instead of that approach, one can easily store the whole information in a single byte or multiple bytes of data, using each individual bit to represent a particular screen.

In the database approach, you'd need 8 bytes (8 characters - Y/N) to store access rights for 8 screens, whereas, in the bitflag approach, you can use just a single BYTE (remember each BYTE has 8 BITS) to store the whole data.

Take for example a byte consisting of these bits: 10011011 - each '0' or '1' represents whether permission is disallowed or allowed.

You just load this information from the database ONCE when the user logs in, and store this info in a session variable. Every time you access a page, you check against this value and see whether this dude has access or not.

But one problem with this approach - what if this user just walks off from his terminal without logging out? And his session hasn't expired yet? Anybody else can come in and mess around - but so can you do it in case of the first approach. If one forgets to log out, even God can't help (with due respect)...
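The check described in this thread, as an added example that is not part of the original posts: the flag byte is copied into server-side session state once at login, each page compares the required bits against it, and an idle session loses its rights (the walk-away problem raised above). The screen names, the 15-minute idle limit and the session dictionary are assumptions made for illustration.

```python
import time
from enum import IntFlag

class Screen(IntFlag):
    # Hypothetical screen names; one bit per screen, so 8 screens fit in one byte.
    DASHBOARD = 0b00000001
    REPORTS   = 0b00000010
    INVOICES  = 0b00000100
    CUSTOMERS = 0b00001000
    INVENTORY = 0b00010000
    PAYROLL   = 0b00100000
    SETTINGS  = 0b01000000
    ADMIN     = 0b10000000

IDLE_LIMIT = 15 * 60  # seconds; assumed policy value, not from the thread

def start_session(flags_from_db, now=None):
    """Called once at login: keep the user's flag byte in server-side session state."""
    now = time.time() if now is None else now
    return {"perms": Screen(flags_from_db), "last_seen": now}

def can_access(session, required, now=None):
    """True only if the session is still fresh and holds every bit in `required`."""
    now = time.time() if now is None else now
    if now - session["last_seen"] > IDLE_LIMIT:
        session["perms"] = Screen(0)  # idle too long: drop all cached rights
        return False
    session["last_seen"] = now
    # Compare against `required`: a bare `perms & required` is truthy as soon
    # as any one of several required bits is set, which grants too much.
    return (session["perms"] & required) == required

# Constructed sample: the byte used in the reply above, 10011011.
SAMPLE = 0b10011011

if __name__ == "__main__":
    s = start_session(SAMPLE)
    for screen in Screen:
        print(f"{screen.name:<10} {'allowed' if can_access(s, screen) else 'denied'}")
```

Because the flags are read from the database only at login, a permission revoked mid-session stays in effect until the session ends or the cached value is reloaded.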
