Hello,

A co-worker asks if there is a way to protect the firebird system
tables, for example RDB$PAGES, from destructive users.

In the example below, I login as SYSDBA and can delete all rows from
the RDB$PAGES table, corrupting the database. I also tried this with
a non-sysdba user and was able to do the same thing.

C:\temp>isql
Use CONNECT or CREATE DATABASE to specify a database
SQL> create database 'syst.fdb';
SQL> show table rdb$pages;
RDB$PAGE_NUMBER (RDB$PAGE_NUMBER) INTEGER Nullable
RDB$RELATION_ID (RDB$RELATION_ID) SMALLINT Nullable
RDB$PAGE_SEQUENCE (RDB$PAGE_SEQUENCE) INTEGER Nullable
RDB$PAGE_TYPE (RDB$PAGE_TYPE) SMALLINT Nullable
SQL> delete from rdb$pages;
SQL> select * from rdb$pages;
SQL> quit;

I tried revoking privileges, but could still delete from this table.
Here is what I tried:

SQL> revoke all on user1 from rdb$pages;
SQL> commit;
SQL> quit;
C:\temp>isql -u user1 -p masterkey TT.FDB
Database: TT.FDB, User: user1
SQL> delete from rdb$pages;
SQL> commit;

Any suggestions? Please post back with a SQL snippet os specific
recommendations if you have an idea as to how to protect these
tables. Thanks!

-b

Bill Oliver
bill.oliver@...