| Subject | RE: [Firebird-Architect] Re: Create User Proposal |
|---|---|
| Author | Helen Borrie |
| Post date | 2004-09-24T04:27:49Z |
At 10:59 PM 23/09/2004 -0400, Leyne, Sean wrote:
database without any checking as to whether it exists in the security
database. So (currently at least) deleting a user doesn't do a thing to
privileges. Currently, "orphan user" privileges are the only way to secure
the contents of a database that is accessible to an embedded server app.
The other side of this coin is to be mindful of the effects on privileges
resolution when you are resolving server users by other than username.
Helen
>Alexander,Just to mention that, already, a user can exist in the privileges for a
>
>
> > Now that is a feature I would appreciate, because it will
> > allow me to create/store entire database configuration
> > with a single sql script.
> >
> > Also, perhaps the concept of 'disabling' user can be
> > added, as in alter user <username> [enable|disable];
>
>Interesting idea... not sure about the practical benefit
>
>
> > Which is useful to temporarily deny some user DB access
> > without losing all grants on him.
database without any checking as to whether it exists in the security
database. So (currently at least) deleting a user doesn't do a thing to
privileges. Currently, "orphan user" privileges are the only way to secure
the contents of a database that is accessible to an embedded server app.
The other side of this coin is to be mindful of the effects on privileges
resolution when you are resolving server users by other than username.
Helen