× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2020

Re: Authority required for SQL

I got hung up on the ODBC side of it, but I suppose I can test the same concepts interactively using STRSQL under debug.  But this is an existing package with thousands of logicals; I won't convert them to indexes en masse. But I may end up giving everyone the same access to logicals and to physicals; I don't see a huge downside to that from a security standpoint, and it's easier to manage (all new files, logical or physical, get their authority from *LIBCRTDFT, which assigns it to the standard authorization list).

That being said, I may try the whole logical vs index experiment in a sandbox, just to satisfy my curiosity.

On 5/1/2020 9:59 AM, midrangel@xxxxxxxxxxxxxxxxx wrote:
Justin,

If you are discussing a true index, you are absolutely correct, however if it is the "Logical File" Joe referred to (meaning the hybrid index/view object) then I believe the user would need access to the "Logical".

Joe: If you just create an index your problem would most likely go away since the optimizer should pick that up an use it in the query (Visual Explain time). If not let Visual Explain tell you want index it wants. Then the users only needs access to the actual table.

--
Jim Oberholtzer
Agile Technology Architects

-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Justin Taylor
Sent: Friday, May 1, 2020 9:02 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: RE: Authority required for SQL

My understanding is no, but I can't cite a reference. I create all of my indexes as *PUBLIC *EXCLUDE with no private authorities.

HTH



-----Original Message-----
From: Joe Pluta [mailto:joepluta@xxxxxxxxxxxxxxxxx]
Sent: Friday, May 01, 2020 8:00 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: Authority required for SQL

Say I have two objects: a physical file with no key and a logical over that physical. Both are created using DDS. I want to access the data in the file from ODBC using a common ODBC profile, so my natural inclination is to grant *USE access to the ODBC user profile to the physical file. Here's the question: when my ODBC goes to get data in the order of the logical, does it need to have *USE rights for the logical in order for the SQL engine to take advantage of it?

Basically I'm just trying to decide whether my ODBC profile needs access to my logicals. I'd like to set up a standard as I convert my system from private authorities to AUTLs.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.