| Subject | Re: [firebird-support] Re: stored procedures permissions question |
|---|---|
| Author | Ann W. Harrison |
| Post date | 2005-08-29T22:12:31Z |
Robby wrote:
has been specifically granted or those of the person who invokes it
strikes me as a serious security hole, and I wouldn't want to see us do
it in any general way. If you don't care particularly about the issue,
you could use the RDB$DEPENDENCIES table to identify the tables used by
each stored procedure and generate a list of grant statements that grant
all rights to the procedure on each table it references.
Regards,
Ann
> Ok. I knew that that was an option, but I have about 40 SPs....that'sAllowing a stored procedure to run with permissions other than those it
> a lot of permissions to grant (considering that I have to do one on a
> case by case basis ...SP Foobar() might require SELECT access to table
> BLA and UPDATE access to table FOO, a different SP would have
> different needs). I see that there are some scripts that can ease
> this, but what would be best is if those SPs ran as sysdba and I only
> had to grant access to the test user to run the SPs.
has been specifically granted or those of the person who invokes it
strikes me as a serious security hole, and I wouldn't want to see us do
it in any general way. If you don't care particularly about the issue,
you could use the RDB$DEPENDENCIES table to identify the tables used by
each stored procedure and generate a list of grant statements that grant
all rights to the procedure on each table it references.
Regards,
Ann