473,395 Members | 1,972 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > db2 database > questions > security invoker in db2?

Join Bytes to post your question to a community of 473,395 software developers and data experts.

SECURITY INVOKER in DB2?

Hello,

In PostgreSQL, when you create a function, you may choose between SECURITY
INVOKER or SECURITY DEFINER:
http://www.postgresql.org/docs/8.2/s...efunction.html
When a function has SECURITY INVOKER (the default), the SQL it contains is
run with the permissions of the invoking user.

It seems that DB2 UDFs uses SECURITY DEFINER (using PostgreSQL terms), and
that there is no way to change that. Or? Is there a way for me to provide
a UDF to a lot of users but prevent the contained SQL from being executed
with my permissions?

--
Regards,
Troels Arvin <tr****@arvin.dk>
http://troels.arvin.dk/
Feb 21 '07 #1
1 1867
Troels Arvin wrote:
Hello,

In PostgreSQL, when you create a function, you may choose between SECURITY
INVOKER or SECURITY DEFINER:
http://www.postgresql.org/docs/8.2/s...efunction.html
When a function has SECURITY INVOKER (the default), the SQL it contains is
run with the permissions of the invoking user.

It seems that DB2 UDFs uses SECURITY DEFINER (using PostgreSQL terms), and
that there is no way to change that. Or? Is there a way for me to provide
a UDF to a lot of users but prevent the contained SQL from being executed
with my permissions?
You can use dynamic SQL for the pieces you don't want to vouch for.
To use dynamic SQL in a SQL UDF CALL a procedure and place the
PREPARE/EXECUTE/EXECUTE IMMEDIATE in there.
Dynamic SQL runs under invoker rights.

Still curiosu to learn more about what is driving this.
Encapsulation of authority is a core function of views and routines.

--
Serge Rielau
DB2 Solutions Development
IBM Toronto Lab
Feb 22 '07 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
Invoker of a method
by: Andre Meyer | last post by:
Hi Pythoneers In an application I am developing I want to register the invoker of a method call. Is there any way to find out who is invoking an object's method? I do not want to rely on the...
Python
2
row level security
by: robert | last post by:
well, talk about timely. i'm tasked to implement a security feature, and would rather do so in the database than the application code. the application is generally Oracle, but sometimes DB2. ...
DB2 Database
116
Security - more complex than I thought
by: Mike MacSween | last post by:
S**t for brains strikes again! Why did I do that? When I met the clients and at some point they vaguely asked whether eventually would it be possible to have some people who could read the data...
Microsoft Access / VBA
4
Error using WS-Security
by: Ashish | last post by:
Hi Guys I am getting the following error while implementing authentication using WS-security. "Microsoft.Web.Services2.Security.SecurityFault: The security token could not be authenticated...
C# / C Sharp
1
return value from main to application invoker
by: Dan | last post by:
hi ng, i want to give the invoker of my application information whether application has passed successfully. it shall get scheduled, and if the exeution did not pass, it should be repeated some...
C# / C Sharp
0
Error while executing .NET remoing security dlls
by: prithvi g via .NET 247 | last post by:
Hi I am a newbie to .NET remoting, I am trying to implementauthorization using SSPI example provided by Michael Barnett. Ihave included the required dll(Microsoft.Samples.Security.SSPI.dll...
C# / C Sharp
1
Design Issue: Separating Application Security Model from the Application (Custom or User) Controls
by: Earl Teigrob | last post by:
Background: When I create a ASP.NET control (User or custom), it often requires security to be set for certain functionality with the control. For example, a news release user control that is...
ASP.NET
7
IIS / Web Services Security threats
by: Magdelin | last post by:
Hi, My security team thinks allowing communication between the two IIS instances leads to severe security risks. Basically, we want to put our presentation tier on the perimeter network and the...
.NET Framework
0
Referenced security token could not be retrieved
by: Jay C. | last post by:
Jay 3 Jan. 11:38 Optionen anzeigen Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements Von: "Jay" <p.brunm...@nusurf.at> - Nachrichten dieses Autors suchen Datum: 3 Jan...
.NET Framework
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!