Subject | Re: [firebird-support] Re: GRANT ALL TO PUBLIC |
---|---|
Author | Michael Weissenbacher |
Post date | 2006-06-13T11:11:12Z |
Hi,
things in a database to a particular user. It often happens to me that a
certain (web-)application needs full access to its database but to none
of the others. They should never log in as SYSDBA, because they would be
able to access other databases too. Vice versa, a REVOKE ALL FROM
EVERYONE would be nice too.
working solution, what would be a good place to put it so others can use
it too? Maybe send it to helen for inclusion in the release notes?
thanks,
Michael
> You do not normally want to grant everyone all access to everything.Of course, but I often have the requirement to grant full access to all
> Most people for whom security is of no concern could simply log in as
> SYSDBA (which has rights to everything).
things in a database to a particular user. It often happens to me that a
certain (web-)application needs full access to its database but to none
of the others. They should never log in as SYSDBA, because they would be
able to access other databases too. Vice versa, a REVOKE ALL FROM
EVERYONE would be nice too.
>This sounds like a good idea, I will look into it. If I come up with a
> But if you did want to head down that road, surely it would not be too
> hard to create a stored procedure. This procedure could run a for
> select loop through RDB$RELATIONS, then use the EXECUTE STATEMENT
> syntax (see FB 1.5 Release notes) to do the grant.
> Then execute the procedure and commit.
working solution, what would be a good place to put it so others can use
it too? Maybe send it to helen for inclusion in the release notes?
thanks,
Michael