04.01.2014 11:51, Alan McDonald wrote:
Users with RDB$ADMIN granted to them have the ability to creates users.
They can, of course, also grant other roles to users.
But they cannot revoke roles already granted to a user by another
RDB$ADMIN or SYSDBA since the RDB$GRANTOR is always a user
04.01.2014 11:51, Alan McDonald wrote:
Users with RDB$ADMIN granted to them have the ability to creates users.
They can, of course, also grant other roles to users.
But they cannot revoke roles already granted to a user by another
RDB$ADMIN or SYSDBA since the RDB$GRANTOR is always
04.01.2014 14:03, Alan McDonald wrote:
That may work but it doesn't seem right that we have to query the grantor
before an RDB$ADMIN can issue the command. RDB$ADMIN, I thought, in theory,
was to be equal in all things to SYSDBA, and SYSDBA should also be able to
override a grant granted by