About DMCLs
When you secure the DMCL resource type, you can control who can do the following:
Until you secure the DMCL resource type, any user can issue DDL DMCL statements if database security is not in effect, and any user perform the other previously listed functions.
How to Secure DMCLs
If the system dictionary is secured, DBADMIN privilege on the system dictionary is required to manipulate DMCL definitions.
Note: For more information, see Securing the Dictionaries and the User catalog.
The following discussion applies to securing DMCLs explicitly.
To secure DMCLs internally, include an entry in the SRTT:
#SECRTT TYPE=ENTRY, X
RESTYPE=DMCL, X
SECBY=INTERNAL
To secure DMCLs externally, include an entry in the SRTT:
#SECRTT TYPE=ENTRY, X
RESTYPE=DMCL, X
SECBY=EXTERNAL, X
Additional parameters required.
Note: For more information, see #SECRTT.
How to Grant DMCL Definition and Use Privileges
To allow a user to create and maintain a DMCL definition, you issue a GRANT statement on the DMCL resource type, specifying the privilege or privileges and identifying the DMCL.
You can specify any combination of CREATE, ALTER, DROP, DISPLAY, and USE privileges, or you can specify all privileges (DEFINE).
Note: The USE privilege allows the user to punch the DMCL load module and format journal files defined in the DMCL.
As a holder of the applicable SYSADMIN or DBADMIN privilege, you can specify WITH GRANT OPTION when you grant these privileges to allow the recipient to grant the same privileges to another user. You must be connected to the system dictionary.
More Information:
|
Copyright © 2014 CA.
All rights reserved.
|
|