Subject Re: [firebird-support] Can a trigger not to be fired by a dedicate user (application)?
Author Nando Dessena

>> ... replication ... where you don't want some of
>> the target's database insert/update triggers to fire for various
>> reasons ... done by checking CURRENT_USER and reserving
>> special user names to the tools (like the replicator).

A> The advantage of checking the user (or role) rather than the application
A> is that there's no way to insure that an application is what it claims
A> to be

sure, but that depends on how you implement it. The concept itself is
not secure or insecure. You could restrict the use of an application
name only to those to which you have granted it, like you do with
roles. Would that be a duplication of the role concept? For the most
part, yes. As I said I find the current tools adequate already.

Nando Dessena
I support Firebird, I am a Firebird Foundation member!
Join today at