Subject Re: [firebird-support] Which is the reason for the clause GRANTED BY?
Author Paul Vinkenoog
Walter wrote:

> When a privilege is granted it seems logic to me to store it in the
> database with the current user as the grantor.

Of course, and that's the default.

> With the GRANTED BY clause, the user who grants the privilege can have
> someone else registered as the grantor.
> Why?
> Which would be the reason for to do that?

First, only the database owner and users with admin rights can do that - not just any grantor.

One reason I can think of: to enable the user thus registered as grantor to revoke the privilege later if and when he sees fit. Without this option, it would take an admin/owner account to revoke the privilege again.

It's a bit like root creating files and then transferring ownership to a normal user.

Paul Vinkenoog