Revoke consequence and transfer of onwer ship

venkata rama rajesh mallina

Revoke consequence and transfer of onwer ship

HI All

Actually when some one saying that we got a revoke ticket and statements are ready for review. The first question  from me is - does "NOT INCLUDING DEPENDENT PRIVILEGES" clause is included or not, in order to avoid cascade revoke effect. But now I read a point at every revoke syntax saying that "An object might be dropped if a privilege is revoked that was used to create the object". I did not understand what are the scenario's or what are all the objects this sentence applicable. I just have a approximate knowledge only on this sentence and I am not confident in that. Regarding above highlighted sentence, could some one educate me. Though I am not understanding the problem clearly, I hope Transfer of ownership concept came in DB2 12 is the solution for this. Please share you knowledge on this

Venkata Rama Rajesh

Edited By:
venkata rama rajesh mallina[Organization Members] @ Jan 27, 2018 - 02:14 PM (America/Eastern)
venkata rama rajesh mallina[Organization Members] @ Jan 27, 2018 - 02:17 PM (America/Eastern)

James Campbell

Revoke concequences and transfer of onwer ship
(in response to venkata rama rajesh mallina)
Two simple scenarios where REVOKE NOT INCLUDING DEPENDENT PRIVILEGES will
have an effect:

- an id is GRANTed SELECT on a table, and is the OWNER of package that uses that
SELECT authority to validate access to the table. Revoke NIDP will invalidate the package -
because the owner no longer has the authority to select from the table.

- an id has an authority that allows it to create a tablespace. Revoke NIDP might drop the
tablespace - again because the owner no longer has the authority to create it. If the id has
multiple authorities that allowed it to create the tablespace, this will depend on which one Db2
decided to use for the authorisation.


James Campbell



On 27 Jan 2018 at 12:13, venkata rama rajesh mallina wrote:

>
> HI All
> Actually when some saying that we got a revoke ticket and statements are ready for review. The
> first question I would ask the does "NOT INCLUDING DEPENDENT PRIVILEGES" clause is
> included or not, in order to avoid cascade revoke effect. But now I read a point at every revoke
> syntax saying that "An object might be dropped if a privilege is revoked that was used to create
> the object". I did not understand what are the scenario's or what are all the objects this sentence
> applicable. I just have a approximate knowledge only on this sentence and I am not confident in
> that. Regarding above highlighted sentence, could some one educate me. Though I am not
> understanding the problem clearly, I hope Transfer of ownership concept came in DB2 12 is the
> solution for this. Please share you knowledge on this
> Venkata Rama Rajesh
>

venkata rama rajesh mallina

RE: Revoke concequences and transfer of onwer ship
(in response to James Campbell)

Thanks James Campbell
I am lucky to have a reply during weekend

I will perform some testing with these inputs 

 

Venkata Rama Rajesh