People, I created two unprivileged users, then with the first I created a domain. Logged in with the second and tried to drop the domain: error, no privileges. This is a great protection compared to previous versions. Now, users cannot delete records from rdb$pages either.
However, any user can add fields to monitoring tables. I would say this is silly but harmless. However, dropping fields is strange, I think: F:\fb3dev\fbbuild\firebird30\output_Win32>isql alex.fdb -user test2 -pass test2 Database: alex.fdb, User: test2 SQL> alter table mon$database drop mon$next_transaction; ====> success SQL> alter table mon$database drop mon$next_transaction; Statement failed, SQLSTATE = 42S22 unsuccessful metadata update -ALTER TABLE MON$DATABASE failed -column MON$NEXT_TRANSACTION does not exist in table/view MON$DATABASE SQL> I logged off, logged in and the field is gone definitely, because I can't access nor drop it again. Weird, I continued dropping fields until only rdb$database_name was left, but fortunately, the server didn't crash. Also, I noticed that rdb$database_name contains the full db path: will it be the same case if I work through database aliases? I think some effort was put into hiding the real db name. C. --- Claudio Valderrama C. - www.cvalde.net Consultant, SW developer. ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
