On Wed, 10 Mar 2004, Andreas Pflug wrote:
> Kris Jurka wrote:
>
> >On Wed, 10 Mar 2004, Andreas Pflug wrote:
> >
> >The problem that cannot be solved with either this or a function that
> >loops and grants on each table is that it is not a permanent grant of what
> >the admin had in mind. If a new table is added or an existing table is
> >dropped and recreated, the grants must be done again. The real use of a
> >SELECT ANY TABLE permission is ignorance of schema updates.
> >
> >
> Hm, does this exist in other DBMS?
> As soon as roles are implemented, there might be a default role
> ('public') for this. Until then, using groups solves most of the
> problems (well, you certainly still need to GRANT rights to your
> preferred group).
>
Groups help, but only if you want to GRANT to more than one user, and you
still need to do it on after schema changes. I know this is implemented
in at least Oracle, SELECT ANY TABLE is in fact the permission
name used.
Kris Jurka