Oracle Rdb controls access rights that grant or deny users access
to:
o Data in an Oracle Rdb database
o Oracle Rdb data definition statements
o Oracle Rdb utility statements
When specifying access rights, remember these rules:
o Oracle Rdb denies all access rights not explicitly granted.
o Specify only those access rights to which you want to grant
access.
o If you want to grant all access rights, you can do so by
specifying the keyword "ALL" instead of listing all the access
rights.
o If you want to deny all access rights, you can do so by
specifying the keyword "NONE".
For tables that define these access rights, ask for Additional
Information on DATA_ACCESS, DEF_ACCESS.
1 – DATA_ACCESS
This table lists the access rights that control access to data.
Table 1:
Access Right To Grant To Deny
------------------------------------------------
Read data READ NOREAD
Store data WRITE NOWRITE
Modify data MODIFY NOMODIFY
Erase data ERASE NOERASE
------------------------------------------------
2 – DEF_ACCESS
This table lists the access rights that control access to
database definitions.
Access Right To Grant To Deny
---------------------------------------------------------------
Define global field, DEFINE NODEFINE
relation, or storage map
Change global field CHANGE NOCHANGE
Delete global field DELETE NODELETE
Run two-phase commit DISTRIBTRAN NODISTRIBTRAN
transaction on database
Define, change, delete CONTROL NOCONTROL
database protection
[future versions] REFERENCES NOREFERENCES
Specify, show, and review SECURITY NOSECURITY
the security audit trail
[future versions] SHOW NOSHOW
Open or close a database ADMINISTRATOR NOADMINISTRATOR
Any CHANGE DATABASE ADMINISTRATOR NOADMINISTRATOR
option
Delete a database ADMINISTRATOR NOADMINISTRATOR
---------------------------------------------------------------
This table lists the access rights that control access to
relation definitions.
Access Right To Grant To Deny
--------------------------------------------------------------
Define index or storage DEFINE NODEFINE
map
Define trigger READ,DEFINE NOREAD,NODEFINE
Define view or constraint READ,DEFINE NOREAD,NODEFINE
Change relation CHANGE NOCHANGE
Delete relation, DELETE NODELETE
index, view,
constraint, or storage
map
Define, change, delete CONTROL NOCONTROL
protection for
relation
[Reserved for future SHOW NOSHOW
versions]
[Reserved for future OPERATOR NOOPERATOR
versions]
--------------------------------------------------------------