> Normal/standard setup provides for users to change their
> own password.

But not in FB v1.5, which is where my problem application is
still sitting (for lots of reasons).

> I tend to think this is a bit anal on the part of us
> developers. My clients own their system, they have a
> right to the keys. :-) They know that it's an important
> set of credentials and I log my DBs as well.

I agree entirely. I did not mean to imply that the client
does not have the SYSDBA password (they can have it whether I
give it to them or not). It is simply that I do whatever I can
to ensure that they do not need super-user access for the
normal, often daily, activity of user maintenance.

> SYSDBA in my setup doesn't get permission to do anything in
> the app other than user management.

This makes excellent sense, given the limitations of FB/SQL.
I still dont think it is ideal, but it is certainly seems
likely to be a more reliable solution than mine turned out
to be...

I am gradually coming to realise that trying to force "ideal"
onto FB/SQL security is a losing battle. In previous
incarnations I even tried to work around the problem of not
being able change a users logon name - short of creating a
whole new logon. Boy did that turn out badly!

--
Geoff Worboys
Telesis Computing