A separate level of security, which controls the creating and dropping of databases, provides additional database security. The -gu database server command line option controls who can execute the file administration statements.
There are four levels of permission for the use of file administration statements: all, none, DBA, and utility_db. The utility_db level permits a user who can connect to the utility database to use the file administration statements.
-gu Switch Value |
Effect |
Applies To |
---|---|---|
all |
Anyone can execute file administration statements |
Any database including the utility database |
none |
No one can execute file administration statements |
Any database including the utility database |
DBA |
Only users with the SERVER OPERATOR system privilege can execute file administration statements |
Any database including the utility database |
utility_db |
Only the users who can connect to the utility database can execute file administration statements |
Only the utility database |
start_iq -n testsrv -gu utility_db
start_iq -n testsrv -gu utility_db -iqmt 256
dbisql -c "uid=DBA;pwd=IQ&Mine49;dbn=utility_db;eng=testsrv"
Executing this statement successfully connects you to the utility database, and you can now create and delete databases.