11.1.3. Administrators

As a general description, an administrator is a user that has sufficient rights to read, write to, create, alter or delete any object in a database to which that user’s administrator status applies. The table summarises how “Superuser” privileges are enabled in the various Firebird security contexts.

Table 177. Administrator (“Superuser”) Characteristics
UserRDB$ADMIN RoleComments

SYSDBA

Auto

Exists automatically at server level. Has full privileges to all objects in all databases. Can create, alter and drop users but has no direct access to the security database

root user on POSIX

Auto

Exactly like SYSDBA

Superuser on POSIX

Auto

Exactly like SYSDBA

Windows Administrator

Set as CURRENT_ROLE if login succeeds

Exactly like SYSDBA if all of the following are true:

In firebird.conf file

Authentication = mixed or trusted and Firebird is restarted before proceeding

AUTO ADMIN MAPPING

Enabled in all databases in which the user needs Superuser privileges

Login

Does not include a role

Database owner

Auto

Like SYSDBA, but only in the database of which he is the owner

Regular user

Must be previously granted; must be supplied at login

Like SYSDBA, but only in the database(s) where the role is granted

POSIX OS user

Must be previously granted; must be supplied at login

Like SYSDBA, but only in the database(s) where the role is granted

Windows user

Must be previously granted; must be supplied at login

Like SYSDBA, but only in the database(s) where the role is granted. Not available if config file parameter Authentication = native