Subject Seperation of user creation and SYSBDA role
Author Nikolaus Kern
Hello all,

The upgrade to FB 2.5 worked very easy and was done in the production
environment in a few minutes.

In order to use the new features about the CREATE/ALTER/DELETE USER I
would like to understand if following scenario can be achieved:

*) Every user can change his own password -> ok
*) A privileged user - not the SYDBA - can create, alter and delete also
other users
*) This privileged user should not be able to modify the datastructure
by alter/delete views, tables etc.

The objective is to seperate the ability to manage users (for the client
- server application) and the power to mess arround with the datastructure.

Any direction is welcome.