SQL/MP Reference Manual
HP NonStop SQL/MP Reference Manual—523352-013
S-11
SECURE File Attribute
SECURE File Attribute
SECURE is a Guardian file attribute that corresponds to the security string that controls
Guardian file security for table, index, collation, and protection views.
"rwep"
is a four-character string that specifies the Guardian read, write, execute, and
purge security for an object or file. For more information, see Security on
page S-11.
Considerations—SECURE File Attribute
To provide user groups with write access to tables, views, indexes, or catalogs, you
must specify read access in addition to write access for those groups.
A SECURE attribute that permits access to a file from other nodes in the network is
necessary, but not sufficient, to allow users to access the file over the network.
Network users must also be authorized to access the node on which the file
resides in addition to authorized to access that specific file.
Examples—SECURE File Attribute
This SECURE attribute permits other users on the network to execute the file but
permits only the owner to read, write, or purge the file:
SECURE "OONO"
This SECURE attribute permits other users on the network to read or update the
file but permits only the owner to purge or execute the file:
SECURE "NNOO"
Security
Authorization to access SQL/MP objects is maintained by the Guardian environment
and checked by Nonstop SQL/MP. Each SQL/MP object has associated security
values that determine who can read, write to, execute, and purge the object.
SQL programs in Guardian files and other Guardian files used with SQL/MP
applications also use the security provided by the Guardian environment. Each
Guardian file has an associated set of security values like those for SQL/MP objects.
SQL/MP objects, SQL programs in Guardian files, and other Guardian files can
optionally use the Safeguard security management facility, a product that provides
security features beyond those of standard Guardian security. The Safeguard
SECURE “rwep”