| Subject | Cleanup of user privileges |
|---|---|
| Author | Geoff Worboys |
| Post date | 2009-06-17T08:57:30Z |
Hi All,
I have recently realised that the user privileges in some of
my databases have gotten a bit cluttered. This seems to have
been cause of some obscure problems (at least the problems go
away for the user when I re-apply their role and clean up any
redundant entries with explicit revoke of out of date items).
What I would like to do is write some code that will go through
RDB$USER_PRIVILEGES and clean it up automatically, remove all
the redundant entries and so on. I am wanting to clean-up user
roles, all other privileges have been more tightly managed.
As long as I run this process after-hours when no other users
are currently online, should it be safe to do direct table
manipulations of the role membership entries of
RDB$USER_PRIVILEGES? (INSERT or DELETE as needed.)
Note: Some of these databases are still Firebird v1.5, some
others have gone Firebird v2.1.
--
Geoff Worboys
Telesis Computing
I have recently realised that the user privileges in some of
my databases have gotten a bit cluttered. This seems to have
been cause of some obscure problems (at least the problems go
away for the user when I re-apply their role and clean up any
redundant entries with explicit revoke of out of date items).
What I would like to do is write some code that will go through
RDB$USER_PRIVILEGES and clean it up automatically, remove all
the redundant entries and so on. I am wanting to clean-up user
roles, all other privileges have been more tightly managed.
As long as I run this process after-hours when no other users
are currently online, should it be safe to do direct table
manipulations of the role membership entries of
RDB$USER_PRIVILEGES? (INSERT or DELETE as needed.)
Note: Some of these databases are still Firebird v1.5, some
others have gone Firebird v2.1.
--
Geoff Worboys
Telesis Computing