Manualshelf

SQL/MP Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
51525354555657585960
HP NonStop SQL/MP Reference Manual523352-013
A-9
Example—ALTER CATALOG
Security information for a catalog is stored in catalog tables and file labels for the
catalog. ALTER CATALOG changes the information in the catalog and the
associated file labels on a disk.
Changing ownership or security for a catalog can affect users of objects described
in the catalog, so be careful when you narrow the set of users with read or write
access. If you remove a user's authority to read or write to a catalog, the user
cannot query, alter, or drop an object in the catalog (even if the user owns the
object), or recompile a program that uses an object in the catalog.
SQL-compiling a program requires the authority to write to the PROGRAMS,
USAGES, and TRANSIDS catalog tables in the catalog that contains the
description of the program and to the USAGES and TRANSIDS catalog tables in
any catalogs that contain descriptions of tables or views used by the program.
Because of this requirement, you might want to secure these catalog tables
independently from other catalog tables. You can use ALTER TABLE to set the
security for the PROGRAMS, USAGES, and TRANSIDS tables.
Creating or dropping a catalog requires the authority to write to the system
directory of catalogs in the SQL.CATALOGS table. Therefore, altering write
authority for SQL.CATALOGS can prevent users from creating new catalogs or
dropping existing catalogs. Because of this requirement, you might want to secure
SQL.CATALOGS independently from the other tables in the system catalog. You
can use ALTER TABLE to set the security for SQL.CATALOGS.
Changing the OWNER attribute of a catalog affects the interpretation of the
SECURE file attribute, because authorization is determined at run time using the
current group and owner.
If another process is using a catalog when the owner changes, the process might
not be able to reaccess the catalog after the change.
Example—ALTER CATALOG
This example makes user 201,43 the owner of the catalog named SALES, gives read
and execute authority to all local and remote users, and gives write and purge authority
to all users in group 201:
ALTER CATALOG SALES OWNER 201,43 SECURE "NUNU";