DB2 UDB Security

datapro01

Hello,
I am using the following:
DB2 UDB V8.1.1
AIX 5L

I need to know if there is a way to set up a table so that a particular
group has read access to all of the rows in the table and update
authority to only one of the columns in the rows.

Any help will be appreciated.

Thanks.

Nov 12 '05 #1

bka

You should look into views to accomplish this.

Nov 12 '05 #2

datapro01

Thanks for the suggestion.

I finally found a grant that I can use in the SQL Reference manual that
will do the trick. This form of the grant allows specific priviledges
to be granted on a column.

Thanks again.

Nov 12 '05 #3

Anurag

Hi,
I have never before heard of this feature in DB2 UDB on LUW.

Please also let us know the exact syntax of the command where you can
grant specific priviledges on a column to any user / group.

TiA..........anurag
da*******@yahoo.com wrote:

Thanks for the suggestion.

I finally found a grant that I can use in the SQL Reference manual that
will do the trick. This form of the grant allows specific priviledges
to be granted on a column.

Thanks again.

Nov 12 '05 #4

Anurag

Hi,
I have never before heard of this feature in DB2 UDB on LUW.

Please also let us know the exact syntax of the command where you can
grant specific privileges on a column to any user / group.

TiA..........anurag
da*******@yahoo.com wrote:

Thanks for the suggestion.

I finally found a grant that I can use in the SQL Reference manual that
will do the trick. This form of the grant allows specific priviledges
to be granted on a column.

Thanks again.

Nov 12 '05 #5

Serge Rielau

Anurag wrote:

I have never before heard of this feature in DB2 UDB on LUW.
Please also let us know the exact syntax of the command where you can
grant specific privileges on a column to any user / group.

The feature was added as part of FIPS compliance in I believe DB2 UDB V5.
It's not a very commonly used feature because views to a much better
job. But whomever specified FIPS apparently didn't know that.
Another rather useless feature added for FIPS was CREATE SCHEMA...

Cheers
Serge
--
Serge Rielau
DB2 SQL Compiler Development
IBM Toronto Lab

Nov 12 '05 #6

Mark Yudkin

It has its uses; consider the way IBM implemented their "text extender" by
automatically adding a column to the table.
"Serge Rielau" <sr*****@ca.ibm.com> wrote in message
news:3l*************@individual.net...

Anurag wrote:

I have never before heard of this feature in DB2 UDB on LUW.
Please also let us know the exact syntax of the command where you can
grant specific privileges on a column to any user / group.

The feature was added as part of FIPS compliance in I believe DB2 UDB V5.
It's not a very commonly used feature because views to a much better job.
But whomever specified FIPS apparently didn't know that.
Another rather useless feature added for FIPS was CREATE SCHEMA...

Cheers
Serge
--
Serge Rielau
DB2 SQL Compiler Development
IBM Toronto Lab

Nov 12 '05 #7

datapro01

Sorry it took me so long to get back to this.

Using a view to address my issue just wouldn't work. I needed to allow
my users to see all of the data in each row of the table. Within the
same transaction they needed to be abe to update an indicator field.
Because the programmers were attempting to present this data via a
spreadsheet and not use a program of any kind to control the access I
needed a way for the DB2 catalog info to control what was done to the
rows and columns (the security/authority).

The exact syntax for this form of a grant can be found in the SQL
Refrence Vol II manual. For DB2 V8.1 this starts on page 590 with
specific reference to the column information on page 593.

I hope this helps.

Good luck.

Nov 12 '05 #8