subject:"Re\: \[U2\] \[UV\] CONVERT.SQL \(UV files \& SQL tables\)"

RE: [U2] [UV] CONVERT.SQL (UV files & SQL tables)

2004-06-06 Thread Ray Wurlod

When you convert a hashed file into an SQL table, as well as creating entries in 
UV_TABLES, UV_COLUMNS, UV_ASSOC system tables and the file's security and integrity 
constraints area (SICA), you also create an implicit grant of all privileges to 
public.  Once you apply any explicit grant, the implicit one is removed.
So, no, you're not doing anything wrong and, yes, you will need to grant whatever 
table privileges other, non-SQL users, require.

The nice thing is, you can now grant SELECT and UPDATE privilege to specific columns 
on a per-user basis, so you have much finer granularity in your security model.

There is one possible loophole.  The OPENCHK tunable parameter allows BASIC programs 
to bypass SQL integrity checking; it may (I've never tried it) also allow BASIC 
programs to bypass SQL security checking.
---
u2-users mailing list
[EMAIL PROTECTED]
To unsubscribe please visit http://listserver.u2ug.org/

Re: [U2] [UV] CONVERT.SQL (UV files & SQL tables)

2004-06-03 Thread Geoffrey Mitchell

Well, you don't HAVE to convert your files to SQL tables to access them
via SQL.  By default, you should be able to run any SQL statement
against any UniVerse file.  To restrict to select access for one or more
tables, you can use the HS_FILE_ACCESS file.

This is documented in the Using the IBM JDBC Driver for UniData and
UniVerse manual, and maybe elsewhere  It works for ODBC as well...

If you WANT to convert your files to SQL tables, you should be able to
grant privileges to PUBLIC, rather than individually granting privileges
to each user.

On Thu, 2004-06-03 at 00:53, [EMAIL PROTECTED] wrote:

> * Note: I'm resending this posting as after almost 3 hours my first attempt
> still hasn't appeared back in my inbox.
> --
> Our UniVerse files on our production unix box all have permissions set so
> owner and group both have read & write access. 
> Our users are all locked into menus and can only access the files via the
> application programs.
> 
> I would like to make one of these files accessible (SELECT only) to the
> outside world via SQL.
> 
> If I use CONVERT.SQL to convert the file into a table and then use GRANT to
> set connect & select access to a specific user, that user can then connect &
> perform SQL selects on the file.
> 
> BUT - the rest of our users can no longer access the file via regular
> UniVerse commands (LIST statements, BASIC reads and writes, etc).
> 
> It looks like I would have to GRANT connect, select, update, delete & insert
> on the table to EVERY regular UniVerse user just so they can continue to
> access this file normally.
> 
> Is there a better (ie. easier) way to achieve this?
> 
> Am I doing something wrong?
> 
> I suppose I could make a copy of the file in question which would only be
> used via SQL, but that would present further complications.
> 
> AdrianW
> 
> 
> Disclaimer.  This e-mail is private and confidential. If you are not the
> intended recipient, please advise us by return e-mail immediately, and
> delete the e-mail and any attachments without using or disclosing the
> contents in any way. The views expressed in this e-mail are those of the
> author, and do not represent those of this company unless this is clearly
> indicated. You should scan this e-mail and any attachments for viruses. This
> company accepts no liability for any direct or indirect damage or loss
> resulting from the use of any attachments to this e-mail.
> ---
> u2-users mailing list
> [EMAIL PROTECTED]
> To unsubscribe please visit http://listserver.u2ug.org/
> ---
> [This E-mail scanned for viruses by Declude Virus]

-- 
Geoffrey Mitchell   314-684-1062
Programmer/Analyst  [EMAIL PROTECTED]
Knights Direct
---
u2-users mailing list
[EMAIL PROTECTED]
To unsubscribe please visit http://listserver.u2ug.org/

RE: [U2] [UV] CONVERT.SQL (UV files & SQL tables)

2004-06-03 Thread alfkec

Strangely enough - I got both copies at the same time, but then again, I
find it's not unusual to get an answer to a question before I get the
question.

In answer to your query we did a similar thing recently. We setup an entire
account with read only access for ODBC files. The files (VOC entries) had
their own cleaned up dictionaries and pointed to the original data. We
created select only views on these.

We did this in UniData and it does SQL/ODBC differently, but you should be
able to use the same technique of creating a new VOC file entry that points
to the original file.

hth
-- 
Colin Alfke
Calgary, Alberta Canada

"Just because something isn't broken doesn't mean that you can't fix it"

Stu Pickles


>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
>Sent: Wednesday, June 02, 2004 11:53 PM
>To: [EMAIL PROTECTED]
>Subject: [U2] [UV] CONVERT.SQL (UV files & SQL tables)
>
>
>* Note: I'm resending this posting as after almost 3 hours my 
>first attempt
>still hasn't appeared back in my inbox.
>--
>Our UniVerse files on our production unix box all have 
>permissions set so
>owner and group both have read & write access. 
>Our users are all locked into menus and can only access the 
>files via the
>application programs.
>
>I would like to make one of these files accessible (SELECT only) to the
>outside world via SQL.
---
u2-users mailing list
[EMAIL PROTECTED]
To unsubscribe please visit http://listserver.u2ug.org/

RE: [U2] [UV] CONVERT.SQL (UV files & SQL tables)

Re: [U2] [UV] CONVERT.SQL (UV files & SQL tables)

RE: [U2] [UV] CONVERT.SQL (UV files & SQL tables)

3 matches

Site Navigation

Mail list logo

Footer information