|Subject||Re: GRANT ALL TO PUBLIC|
--- In firstname.lastname@example.org, Michael Weissenbacher
>And of course, I should always check fbtalk before posting ;)
> > You do not normally want to grant everyone all access to everything.
> > Most people for whom security is of no concern could simply log in as
> > SYSDBA (which has rights to everything).
> Of course, but I often have the requirement to grant full access to all
> things in a database to a particular user. It often happens to me that a
> certain (web-)application needs full access to its database but to none
> of the others. They should never log in as SYSDBA, because they would be
> able to access other databases too. Vice versa, a REVOKE ALL FROM
> EVERYONE would be nice too.
> > But if you did want to head down that road, surely it would not be too
> > hard to create a stored procedure. This procedure could run a for
> > select loop through RDB$RELATIONS, then use the EXECUTE STATEMENT
> > syntax (see FB 1.5 Release notes) to do the grant.
> > Then execute the procedure and commit.
> This sounds like a good idea, I will look into it. If I come up with a
> working solution, what would be a good place to put it so others can use
> it too? Maybe send it to helen for inclusion in the release notes?