Subject Re: [firebird-support] Re: stored procedures permissions question
Author Ann W. Harrison
Robby wrote:
> Ok. I knew that that was an option, but I have about 40 SPs....that's
> a lot of permissions to grant (considering that I have to do one on a
> case by case basis ...SP Foobar() might require SELECT access to table
> BLA and UPDATE access to table FOO, a different SP would have
> different needs). I see that there are some scripts that can ease
> this, but what would be best is if those SPs ran as sysdba and I only
> had to grant access to the test user to run the SPs.

Allowing a stored procedure to run with permissions other than those it
has been specifically granted or those of the person who invokes it
strikes me as a serious security hole, and I wouldn't want to see us do
it in any general way. If you don't care particularly about the issue,
you could use the RDB$DEPENDENCIES table to identify the tables used by
each stored procedure and generate a list of grant statements that grant
all rights to the procedure on each table it references.