12.09.2020 14:03, Mark Rotteveel wrote:

I just noticed that SEC$DB_CREATORS (in Firebird 3) does not restrict visibility. Any user can see all users granted the CREATE DATABASE privilege. I would expect only SYSDBA (or users with RDB$ADMIN active) to be able to see all users.

Is that intentional, and if so why?

Maybe because all other granted permissions (I mean RDB$USER_PRIVILEGES) are also visible to everyone?


Dmitry


Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Reply via email to