Before I end this chapter, let me elaborate on something I have alluded to several times: limiting which applications an administrator may manage. You will recall in our discussion of the Register New Application screen, we created a new table to designate an administrator for the new application,
appsec.t_application_admins. We have not done anything with that table yet, except maintain the data in it.
You may recall from Listing 12-48 that we limited certain privileges on that table of administrators to just a single user,
osadmin. This administrator of administrators job could be extended to more individuals, but we didn't create a role to handle this. That might be a good future improvement. ...