Subject Re: [firebird-support] Re: GRANT ALL TO PUBLIC
Author Michael Weissenbacher
> You do not normally want to grant everyone all access to everything.
> Most people for whom security is of no concern could simply log in as
> SYSDBA (which has rights to everything).
Of course, but I often have the requirement to grant full access to all
things in a database to a particular user. It often happens to me that a
certain (web-)application needs full access to its database but to none
of the others. They should never log in as SYSDBA, because they would be
able to access other databases too. Vice versa, a REVOKE ALL FROM
EVERYONE would be nice too.
> But if you did want to head down that road, surely it would not be too
> hard to create a stored procedure. This procedure could run a for
> select loop through RDB$RELATIONS, then use the EXECUTE STATEMENT
> syntax (see FB 1.5 Release notes) to do the grant.
> Then execute the procedure and commit.
This sounds like a good idea, I will look into it. If I come up with a
working solution, what would be a good place to put it so others can use
it too? Maybe send it to helen for inclusion in the release notes?