Subject Re: [firebird-support] Re: GRANT ALL TO PUBLIC
Author Bogusław Brandys
Adam wrote:
> --- In, Michael Weissenbacher
> <mw@...> wrote:
>> Hi,
>>> You do not normally want to grant everyone all access to everything.
>>> Most people for whom security is of no concern could simply log in as
>>> SYSDBA (which has rights to everything).
>> Of course, but I often have the requirement to grant full access to all
>> things in a database to a particular user. It often happens to me that a
>> certain (web-)application needs full access to its database but to none
>> of the others. They should never log in as SYSDBA, because they would be
>> able to access other databases too. Vice versa, a REVOKE ALL FROM
>> EVERYONE would be nice too.
>>> But if you did want to head down that road, surely it would not be too
>>> hard to create a stored procedure. This procedure could run a for
>>> select loop through RDB$RELATIONS, then use the EXECUTE STATEMENT
>>> syntax (see FB 1.5 Release notes) to do the grant.
>>> Then execute the procedure and commit.
>> This sounds like a good idea, I will look into it. If I come up with a
>> working solution, what would be a good place to put it so others can use
>> it too? Maybe send it to helen for inclusion in the release notes?
> It's not really the sort of thing release notes are for. Somewhere
> like may be better. There is definately room for more
> 'useful tricks', but I think we want to be careful that important
> information about fixed bugs and new features isn't swallowed by 100s
> of these tricks. By the same token, I don't like the idea of different
> pieces of knowledge scattered everywhere. I think Si has done an
> excellent job with fbtalk, so that is where I would post.
> If you do make a generic SP, provide an input parameter to allow you
> to specify the user / role you are granting to.
> Adam

Why not collect all those tips and create tips&tricks PDF similar to
release notes ? .And of course put it somewhere on ;-)