| Subject | Re: GRANT ALL TO PUBLIC |
|---|---|
| Author | Adam |
| Post date | 2006-06-13T12:11:12Z |
--- In firebird-support@yahoogroups.com, Michael Weissenbacher
<mw@...> wrote:
http://www.fbtalk.net/viewtopic.php?id=128
Adam
<mw@...> wrote:
>And of course, I should always check fbtalk before posting ;)
> Hi,
> > You do not normally want to grant everyone all access to everything.
> > Most people for whom security is of no concern could simply log in as
> > SYSDBA (which has rights to everything).
> Of course, but I often have the requirement to grant full access to all
> things in a database to a particular user. It often happens to me that a
> certain (web-)application needs full access to its database but to none
> of the others. They should never log in as SYSDBA, because they would be
> able to access other databases too. Vice versa, a REVOKE ALL FROM
> EVERYONE would be nice too.
> >
> > But if you did want to head down that road, surely it would not be too
> > hard to create a stored procedure. This procedure could run a for
> > select loop through RDB$RELATIONS, then use the EXECUTE STATEMENT
> > syntax (see FB 1.5 Release notes) to do the grant.
> > Then execute the procedure and commit.
> This sounds like a good idea, I will look into it. If I come up with a
> working solution, what would be a good place to put it so others can use
> it too? Maybe send it to helen for inclusion in the release notes?
>
> thanks,
> Michael
>
http://www.fbtalk.net/viewtopic.php?id=128
Adam