| Subject | Re: [Firebird-Architect] Create of RDB$USERS |
|---|---|
| Author | Alex Peshkov |
| Post date | 2005-10-19T08:44:32Z |
Dmitry Yemanov wrote:
case when VeryVeryVeryVeryVeryVeryLongUserName is granted some some
rights, and after it VeryVeryVeryVeryVeryVeryLongUserName2 is added?
Suppose it will have all this rights. That's not OK.
I suggest to restrict it to 31.
> "Jim Starkey" <jas@...> wrote:Leaving rdb$user_name varchar(128) is security risk. What happens in
>
>>"create domain rdb$user_name varchar(128) CHARACTER SET
>>UNICODE_FSS;",
>
>
> Strictly speaking, user names are SQL identifiers and hence they should be
> CHAR(31). As Claudio has pointed out, we don't support longer user names
> anyway, neither at the system tables level nor perhaps at the code level.
> The question is whether making it consistent really breaks something. Any
> customers have user names longer than 31 characters without anything granted
> to them?
>
case when VeryVeryVeryVeryVeryVeryLongUserName is granted some some
rights, and after it VeryVeryVeryVeryVeryVeryLongUserName2 is added?
Suppose it will have all this rights. That's not OK.
I suggest to restrict it to 31.