|
I've been somewhat following this thread and I'm confused/surprised by
how the authority is working (or not working).
I would have first expected that a user's authority to a trigger program
would either be ignored, or at least honor the adopted authority. I say
this because the trigger is, conceptually, a component of the DBMS.
Honoring the authority on the trigger program is somewhat akin to
preventing you from inserting a row into a physical because there's an
access path built over it that you don't have access to, and therefore
you can't update that access path.
However, I can accept that the design consideration was to honor
security, but they why ignore adopt? In the case of adopt I (the DBA)
have made the decision to allow this program to update a file, even if
the user running the program doesn't have access to the file. Why would
I want to then prevent the authority from flowing to the trigger?
Then, even if that's the design decision, the last thing I got from this
thread is that the trigger program wouldn't adopt authority, even if the
adopt was specified directly on the trigger program. While the other two
didn't make much sense, this makes absolutely no sense. Why would this
be the design? Does this make any sense to anyone?
One other thought, what if the trigger program called another program,
and _that_ program adopted authority, would the adoption then be
honored?
-Walden
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.