Subject Re: [firebird-support] Privileges changes visibility
Author Ann W. Harrison
Bambang P wrote:

> Will opened connection detect user privileges changes which happened
> after the connection opened?

No. They should, probably, but they don't.
> SQL> grant select on TBL to PUBLIC;
> 2. Run another ISQL and connect to the JUST_A_TEST, but now with
> user name other than SYSDBA. As expected, I can query the table TBL
> from this 2nd ISQL.

> 3. Without closing the 2nd ISQL, switch back to the first ISQL and revoke
> the rights from PUBLIC:
> SQL> revoke all on TBL from PUBLIC;
> SQL>
> [Question: Is commit necessary here?]

Depends on the setting in ISQL. By default it runs DDL statements in a
second transaction which is committed on each statement.
> 4. Switch again to the 2nd ISQL. Now, I expect the 2nd instance of
> ISQL will fails to query the table, because neither the user name nor
> public has any rights on table TBL. However, the 2nd ISQL still
> successfully query the table!!

Not everyone who worked on InterBase and Firebird was as careful about
propagating DDL changes to all active connections as would have been