|Re: [firebird-support] Running modification scripts in FB1.5 security.fdb
> Sorry - I'm still not with it - Why don't your uses change their ownBecause standard security database does not allow it using user's account.
(I know you know that :-)
> My apps provide for an admin of the app to add/delete users and resetIn standard security database, there is Select grant on USERS table granted to Public.
> passwords. Each individual user can modify their own password only. Why is
> there a need to drop tables?
It means every user with valid account can find out list of other users,
and list of their (encrypted) passwords. Once you download these passwords,
you can crack them much faster locally. You can prevent it by renaming USERS
table (hence the need to drop it) and creating USERS view.