--- In firebird-support@yahoogroups.com, "Martijn Tonies"
<m.tonies@...> wrote:

>
> Hi,
>
> > I work for a software company who uses Firebird in our

application.

> > We have customers who pay "consultants" to set them up with our
> > software and do custom work sometimes. One thing many of
> > these "consultants" like to do is put data in to our database
> > outside of the means we provide them. This almost always leads

to an

> > eventual support call from the customer saying that our program

is

> > not working and its our fault, whereas in actuality it is most
> > likely their "consultant's" fault for putting in bad data

because

> > they thought they knew what they were doing.
> >
> > Ideally we would like to change the SYSDBA password and create a
> > user for them to "look but not touch" and a user for the program
>
> Well, with Firebird, as the security currently is server-wide,

you're

> in for a bit of work ...
>
> One thing you can do to lock "sysdba" out, is to create a role
> named "sysdba" -> this way, a sysdba log in will fail.
>
> Martijn Tonies
> Database Workbench - development tool for Firebird and more!
> Upscene Productions
> http://www.upscene.com
> My thoughts:
> http://blog.upscene.com/martijn/
> Database development questions? Check the forum!
> http://www.databasedevelopmentforum.com
>

I tried to create a role called sysdba and it would not let me do
it. It says "This operation is not defined for system tables.
unsuccessful metadata update. user name SYSDBA could not be used
for SQL role." The steps I took were to log on as sysdba, create a
new user, log on as the new user, then tried to create role called
sysdba. Any suggestions?