Subject Re: [firebird-support] Securities
Author Mark Rotteveel
On Wed, 7 Mar 2012 12:04:34 +0200, Nols Smit <nols@...>
> If a user logon under role named Role2, then the trigger of TABLE1
> me to give Role2 full access to
> Category_ID and RegistrationDate. My intention was may only update
> MemAddress in TABLE1.
> Generally speaking: It seems a role must have all privileges on a
> fields used in the table's triggers
> Will anyone clarify this confusing security issue?

Did you grant the necessary rights to the trigger itself? I might be
wrong, but if no rights are granted to the trigger, then the caller
permission is used.