Subject Re: [Firebird-Architect] FB security - Roles vs Groups
Author Christian Danner
Only a short annotation (without considering the technical aspects of

As a chosen combination of already granted roles isn't of relevance
regarding security, why not allow the user to define the needed
selection her-/himself, e.g. by transferring a comma-separated list of
roles, or - for convenience - alternatively an asterisk, if an
inclusion of them all for the least restricted db access is desired.
This could protect admins from the necessity of predefining myriads of
role supersets. BTW, an unset role would still mean a fallback to the
privileges directly granted to the user.