| Subject | Re: [Firebird-Architect] User name SYSDBA |
|---|---|
| Author | Jim Starkey |
| Post date | 2005-08-03T14:59:28Z |
Helen Borrie wrote:
let him do the work, and actually find out who is doing what (right now
if anything signfiicant gets done, it's done by SYSDA, which isn't very
informative since a number of user are required to share this account).
--
Jim Starkey
Netfrastructure, Inc.
978 526-1376
>At 10:30 AM 3/08/2005 -0400, you wrote:Sounds good to me. That way you could delgate the role to another user,
>
>
>>I had rather thought that SYSDBA was an arbitrary account name generally
>>used when creating new databases. In fact, it is hard coded in at least
>>two places. Is this a really good idea? The idea of a magic account
>>like "root" is pretty much discredited in favor of schemes that create a
>>privileged account at creation time. Should we be considering
>>eliminating the builtin SYSDBA in favor of the user name give when
>>creating a database?
>>
>>
>
>That would certainly discourage people from creating databases under the
>SYSDBA login! Would it be a crafty idea to eliminate the built-in SYSDBA
>*user* and instead have a built-in SYSDBA *role* that can be assigned to a
>specified owner-user in each database.
>
>
>
let him do the work, and actually find out who is doing what (right now
if anything signfiicant gets done, it's done by SYSDA, which isn't very
informative since a number of user are required to share this account).
--
Jim Starkey
Netfrastructure, Inc.
978 526-1376