Simplifying Authorization

As you have seen throughout this appendix, there are many rules and considerations to take into account when setting up security in DB2 for zSeries. We would recommend you simplify securityas long as your installation standards allow itfollowing this simple strategy:

  • The implementer should bind the procedure or user-defined function package using the DYNAMICRULES define behavior so that DB2 only checks the definer's ID to execute dynamic SQL statements in the routine. Otherwise, DB2 needs to check the many different IDs that invoke the user-defined function.

  • If you have many different routines, group those routines into schemas and then grant EXECUTE on the procedures in the schema to the appropriate users. Users have EXECUTE authority on any functions that you add to that schema. For example, to grant the EXECUTE privilege on a schema to PUBLIC, issue the following statement:


    DB2 SQL PL. Deployment and Advanced Configuration Essential Guide for DB2 UDB on Linux., UNIX, Windows, i5. OS, z. OS
    Intelligent Enterprises of the 21st Century
    ISBN: N/A
    EAN: 2147483647
    Year: 2003
    Pages: 205 © 2008-2017.
    If you may any questions please contact us: