Brian McLaughlin
2005-03-23 18:40:34 UTC
This is a multi-part message in MIME format.
------_=_NextPart_001_01C52FD7.CC8655EA
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
I've searched the web and found all kinds of information on the syntax
for the grant/revoke statements. But in my experimenting, it's become
obvious I'm missing something!
=20
When I create a user on the server and connect to Informix as that new
user, the user seems to have full privileges to select, insert, delete,
etc. When, as the Informix user, I try to "revoke select on table3 from
testuser" I get:
580: Cannot revoke permission.
111: ISAM error: no record found.
=20
So I tried a "grant select on table3 to testuser" and I get:
302: No GRANT option or illegal option on multi-table view
=20
( table3 is just a simple table with a couple of columns in it and a
half-dozen rows )
=20
The syntax for removing permissions (other than database-level
privileges) appears to be table-by-table. Assuming I can get past the
problems above, I'd like to revoke all from all tables and then go back
and grant certain privileges on certain tables to certain users. Is
there a simple way to do that? It seems that I could add users to a
role that revokes everything and then add the priv's back on the
individual user, but A. It's still a pain to set the role up revoking
all on each table. B. As new tables are created, the role would have to
be updated to revoke privileges on it.
=20
I'm pretty sure I'm missing something here.
=20
If someone has that single piece that will make be go "Ah Hah!" I'd like
to hear what it is! Or, if it really is more complicated than that, do
you have any recommendations for a web site or a book that will clue me
in? That'd be great too!=20
=20
Thanks,
=20
Brian McLaughlin
Administrative Computing
George Fox University
(503) 554-2587
=20
=20
------_=_NextPart_001_01C52FD7.CC8655EA
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:st1=3D"urn:schemas-microsoft-com:office:smarttags" =
xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)">
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PlaceType"/>
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PlaceName"/>
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"place"/>
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PersonName"/>
<!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I’ve searched the web and found all kinds of
information on the syntax for the grant/revoke statements. But in =
my
experimenting, it’s become obvious I’m missing =
something!<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>When I create a user on the server and connect to =
Informix
as that new user, the user seems to have full privileges to select, =
insert,
delete, etc. When, as the Informix user, I try to “revoke =
select on
table3 from testuser” I get:<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>580: Cannot revoke =
permission.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>111: ISAM error: no record =
found.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>So I tried a “grant select on table3 to =
testuser”
and I get:<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>302: No GRANT option or illegal option on multi-table =
view<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>( table3 is just a simple table with a couple of =
columns in
it and a half-dozen rows )<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>The syntax for removing permissions (other than
database-level privileges) appears to be table-by-table. Assuming =
I can
get past the problems above, I’d like to revoke all from all =
tables and
then go back and grant certain privileges on certain tables to certain =
users.
Is there a simple way to do that? It seems that I could add users =
to a
role that revokes everything and then add the priv’s back on =
the individual
user, but A. It’s still a pain to set the role up revoking all on =
each
table. B. As new tables are created, the role would have to be =
updated to
revoke privileges on it.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I’m pretty sure I’m missing something =
here.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>If someone has that single piece that will make be go =
“Ah
Hah!” I’d like to hear what it is! Or, if it really is =
more
complicated than that, do you have any recommendations for a web site or =
a book
that will clue me in? That’d be great too! =
<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Thanks,<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><st1:PersonName w:st=3D"on"><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Brian =
McLaughlin</span></font></st1:PersonName><font
size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'><o:p></o:p></span></font></p=
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Administrative Computing<o:p></o:p></span></font></p>
<p class=3DMsoNormal><st1:place w:st=3D"on"><st1:PlaceName =
w:st=3D"on"><font size=3D2
face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'>George</span></font></st1:Pl=
aceName><font
size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'> <st1:PlaceName
w:st=3D"on">Fox</st1:PlaceName> <st1:PlaceType =
w:st=3D"on">University</st1:PlaceType></span></font></st1:place><font
size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'><o:p></o:p></span></font></p=
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>(503) 554-2587<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
</div>
</body>
</html>
------_=_NextPart_001_01C52FD7.CC8655EA--
sending to informix-list
------_=_NextPart_001_01C52FD7.CC8655EA
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
I've searched the web and found all kinds of information on the syntax
for the grant/revoke statements. But in my experimenting, it's become
obvious I'm missing something!
=20
When I create a user on the server and connect to Informix as that new
user, the user seems to have full privileges to select, insert, delete,
etc. When, as the Informix user, I try to "revoke select on table3 from
testuser" I get:
580: Cannot revoke permission.
111: ISAM error: no record found.
=20
So I tried a "grant select on table3 to testuser" and I get:
302: No GRANT option or illegal option on multi-table view
=20
( table3 is just a simple table with a couple of columns in it and a
half-dozen rows )
=20
The syntax for removing permissions (other than database-level
privileges) appears to be table-by-table. Assuming I can get past the
problems above, I'd like to revoke all from all tables and then go back
and grant certain privileges on certain tables to certain users. Is
there a simple way to do that? It seems that I could add users to a
role that revokes everything and then add the priv's back on the
individual user, but A. It's still a pain to set the role up revoking
all on each table. B. As new tables are created, the role would have to
be updated to revoke privileges on it.
=20
I'm pretty sure I'm missing something here.
=20
If someone has that single piece that will make be go "Ah Hah!" I'd like
to hear what it is! Or, if it really is more complicated than that, do
you have any recommendations for a web site or a book that will clue me
in? That'd be great too!=20
=20
Thanks,
=20
Brian McLaughlin
Administrative Computing
George Fox University
(503) 554-2587
=20
=20
------_=_NextPart_001_01C52FD7.CC8655EA
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:st1=3D"urn:schemas-microsoft-com:office:smarttags" =
xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)">
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PlaceType"/>
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PlaceName"/>
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"place"/>
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PersonName"/>
<!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I’ve searched the web and found all kinds of
information on the syntax for the grant/revoke statements. But in =
my
experimenting, it’s become obvious I’m missing =
something!<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>When I create a user on the server and connect to =
Informix
as that new user, the user seems to have full privileges to select, =
insert,
delete, etc. When, as the Informix user, I try to “revoke =
select on
table3 from testuser” I get:<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>580: Cannot revoke =
permission.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>111: ISAM error: no record =
found.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>So I tried a “grant select on table3 to =
testuser”
and I get:<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>302: No GRANT option or illegal option on multi-table =
view<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>( table3 is just a simple table with a couple of =
columns in
it and a half-dozen rows )<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>The syntax for removing permissions (other than
database-level privileges) appears to be table-by-table. Assuming =
I can
get past the problems above, I’d like to revoke all from all =
tables and
then go back and grant certain privileges on certain tables to certain =
users.
Is there a simple way to do that? It seems that I could add users =
to a
role that revokes everything and then add the priv’s back on =
the individual
user, but A. It’s still a pain to set the role up revoking all on =
each
table. B. As new tables are created, the role would have to be =
updated to
revoke privileges on it.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I’m pretty sure I’m missing something =
here.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>If someone has that single piece that will make be go =
“Ah
Hah!” I’d like to hear what it is! Or, if it really is =
more
complicated than that, do you have any recommendations for a web site or =
a book
that will clue me in? That’d be great too! =
<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Thanks,<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><st1:PersonName w:st=3D"on"><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Brian =
McLaughlin</span></font></st1:PersonName><font
size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'><o:p></o:p></span></font></p=
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Administrative Computing<o:p></o:p></span></font></p>
<p class=3DMsoNormal><st1:place w:st=3D"on"><st1:PlaceName =
w:st=3D"on"><font size=3D2
face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'>George</span></font></st1:Pl=
aceName><font
size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'> <st1:PlaceName
w:st=3D"on">Fox</st1:PlaceName> <st1:PlaceType =
w:st=3D"on">University</st1:PlaceType></span></font></st1:place><font
size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'><o:p></o:p></span></font></p=
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>(503) 554-2587<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
</div>
</body>
</html>
------_=_NextPart_001_01C52FD7.CC8655EA--
sending to informix-list