Manualshelf

SQL/MX 3.2 Reference Manual (H06.25+, J06.14+)

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
51525354555657585960
Introduction
HP NonStop SQL/MX Release 3.2 Reference Manual691117-001
1-7
The Super ID
SYSTEM - the implicit grantor of privileges to the owners of objects. You cannot
specify SYSTEM on any DDL statement. It is an internal ID, mentioned here only
because it may be visible from a query of the metadata.
The Super ID
In SQL:1999, the creator of an object is the owner of the object. In addition, NonStop
SQL/MX enables the super ID, corresponding to Guardian user-id (255,255), to act as
the owner of any object on a given node.
The super ID can create objects in a schema owned by any user. However, when the
super ID creates an object in a schema owned by some other user, the actual owner of
that object is that user, not the super ID. In addition to creating objects, the super ID
can grant or revoke privileges on objects on behalf of users who have the privilege of
performing this grant or revoke action.
The super ID can perform DDL operations on any object on behalf of the object’s
owner.
Guardian User ID
Each user authorized to log on to a node is identified by a Guardian user ID that
consists of a group and user identification. The user ID has one of these forms:
group_number,user_number or
group_name.user_name
Guardian Super ID
Each node has one special user ID called the super ID that has Guardian group 255
and user number 255. The super ID has one of these forms:
255,255 or
SUPER.SUPER
The Super ID can act as the owner of any Guardian file on the node and any object
within the domain of the SQL/MX system catalog on that node.
Security Administrator
A SQL/MX Security Administrator (SA) is a Guardian user ID designated to hold
security administrator privileges by a GRANT SECURITY_ADMIN statement. Security
administrator privileges allow a security administrator to GRANT and REVOKE object
privileges to other users without having access to the objects themselves and to
change the ownership of any SQL/MX object. The domain of a Security Administrator's
privileges is all the objects within the SQL/MX system catalog within which that user is
designated a Security Administrator (that is granted SECURITY_ADMIN).