Subject Re: [Firebird-Architect] User name SYSDBA
Author Jim Starkey
Helen Borrie wrote:

>At 10:30 AM 3/08/2005 -0400, you wrote:
>>I had rather thought that SYSDBA was an arbitrary account name generally
>>used when creating new databases. In fact, it is hard coded in at least
>>two places. Is this a really good idea? The idea of a magic account
>>like "root" is pretty much discredited in favor of schemes that create a
>>privileged account at creation time. Should we be considering
>>eliminating the builtin SYSDBA in favor of the user name give when
>>creating a database?
>That would certainly discourage people from creating databases under the
>SYSDBA login! Would it be a crafty idea to eliminate the built-in SYSDBA
>*user* and instead have a built-in SYSDBA *role* that can be assigned to a
>specified owner-user in each database.
Sounds good to me. That way you could delgate the role to another user,
let him do the work, and actually find out who is doing what (right now
if anything signfiicant gets done, it's done by SYSDA, which isn't very
informative since a number of user are required to share this account).


Jim Starkey
Netfrastructure, Inc.
978 526-1376