Subject RE: [Firebird-Architect] FB security - Roles vs Groups
Author Leyne, Sean

> However Claudio did say:
> > It's possible to create more complex schemas by granting
> > roles to roles (and it's in the standard), but we don't
> > support that capability.
> This aspect has been mentioned before and I believe it is very
> important. If we had this ability then suddenly the whole
> issue of privilege management becomes much easier.

I agree, that can help.

However, without allowing for a user to have multiple roles
active-simultaneously, the number of roles which must be defined to
cover all possible combinations works out to be n^2-1.