|Subject||RE: [Firebird-Architect] Create of RDB$USERS|
|Author||Claudio Valderrama C.|
> -----Original Message-----This is an intriguing part in Borland's decision.
> From: Firebird-Architect@yahoogroups.com
> [mailto:Firebird-Architect@yahoogroups.com]On Behalf Of Jim Starkey
> Sent: Martes, 18 de Octubre de 2005 16:51
> >2. Why the use of 128 for the user_name and name_part columns? Just an
> >arbitrary number choice? The actual length limit will be 32 characters
> >since its using UNICODE_FSS encoding right?
> I took that from the FB 1.5 USERS table. I find the Firebird
> international stuff sufficiently counter intuitive that I'm going to
> duck the question. The fields, however, are defined as declared, so I'm
> sure somebody the max and min number of actual characters. Just not me.
A very long name_part makes sense if you want this information. Some real
people names are long.
However, the issue I never understood is the length of the user name at 128
bytes. I don't think we handle currently that size internally (at least in a
consistent way). Further, rdb$user_privileges set the user length at 31
bytes since IB4. We don't want to screw rights forever like Borland did when
they added the SQL$ prefix to some security classes and caused a security
hole that we still can't close:
Now, imagine the same problem with two users that have the same bytes up to
the 31th byte and differ in the rest: rdb$user_privileges (limited to 31
bytes) will be screwed the way rdb$security_classes can be fooled now.