| Subject | RE: [Firebird-Architect] FB security - Roles vs Groups |
|---|---|
| Author | Leyne, Sean |
| Post date | 2005-08-04T23:11Z |
Geoff,
However, without allowing for a user to have multiple roles
active-simultaneously, the number of roles which must be defined to
cover all possible combinations works out to be n^2-1.
Sean
> However Claudio did say:I agree, that can help.
> > It's possible to create more complex schemas by granting
> > roles to roles (and it's in the standard), but we don't
> > support that capability.
>
> This aspect has been mentioned before and I believe it is very
> important. If we had this ability then suddenly the whole
> issue of privilege management becomes much easier.
However, without allowing for a user to have multiple roles
active-simultaneously, the number of roles which must be defined to
cover all possible combinations works out to be n^2-1.
Sean