To provide additional database security, a separate level of security controls creating and dropping databases. The -gu database server command-line option controls who can execute the file administration statements.
There are four levels of permission for the use of file administration statements. These levels are: all, none, DBA, and utility_db. The utility_db level permits only a person able to connect to the utility database to use the file administration statements.
-gu switch value |
Effect |
Applies to |
|---|---|---|
all |
Anyone can execute file administration statements |
Any database including the utility database |
none |
No one can execute file administration statements |
Any database including the utility database |
DBA |
Only DBA-authority users can execute file administration statements |
Any database including the utility database |
utility_db |
Only the users who can connect to the utility database can execute file administration statements |
Only the utility database |
start_iq -n testsrv -gu utility_db
start_iq -n testsrv -gu utility_db -iqmt 256
dbisql -c "uid=DBA;pwd=IQ&Mine49;dbn=utility_db;eng=testsrv"
Executing this statement successfully connects you to the utility database. You are now able to create and delete databases.