| Subject | RE: [Firebird-Architect] Create of RDB$USERS |
|---|---|
| Author | Claudio Valderrama C. |
| Post date | 2005-10-19T10:13:31Z |
> -----Original Message-----You got it. This is the problem that happens with long table names and
> From: Firebird-Architect@yahoogroups.com
> [mailto:Firebird-Architect@yahoogroups.com]On Behalf Of Alex Peshkov
> Sent: MiƩrcoles, 19 de Octubre de 2005 4:45
> To: Firebird-Architect@yahoogroups.com
> Subject: Re: [Firebird-Architect] Create of RDB$USERS
>
> Leaving rdb$user_name varchar(128) is security risk. What happens in
> case when VeryVeryVeryVeryVeryVeryLongUserName is granted some some
> rights, and after it VeryVeryVeryVeryVeryVeryLongUserName2 is added?
> Suppose it will have all this rights. That's not OK.
> I suggest to restrict it to 31.
rdb$user_privileges currently, described in the URL I posted in this thread:
you have control of both tables when you create the second one, provided
that the first 27 bytes are the same and they only differ in the rest.
C.