| Subject | Re: [Firebird-Architect] User name SYSDBA |
|---|---|
| Author | Jim Starkey |
| Post date | 2005-08-03T21:39:29Z |
Martijn Tonies wrote:
While it makes sense for someone to activate and deactivate a
particularly role, does it makes sense to temporarily leave a group?
What sort of privilege would be required to register another user for a
group?
--
Jim Starkey
Netfrastructure, Inc.
978 526-1376
>>>My only concern is that the current implementation of Role, while SQLWhat is the difference between a group and a role other than name?
>>>compliant is almost completely useless. Any user can login with any
>>>role -- so how can access to the SYSDBA functions be limited?... they
>>>can't.
>>>
>>>The change of SYSDBA from a user to a "role" would be a good thing, only
>>>if the implementation uses a security "group" metaphor to which a user
>>>must be added as a member and not a property which is set as a value at
>>>login.
>>>
>>>
>"groups" sound fine to me.
>
>
>
While it makes sense for someone to activate and deactivate a
particularly role, does it makes sense to temporarily leave a group?
What sort of privilege would be required to register another user for a
group?
--
Jim Starkey
Netfrastructure, Inc.
978 526-1376