Re: Setting READ or UPDATE aceess using exit program for ODBC -- MIDRANGE-L

Subject: Re: Setting READ or UPDATE aceess using exit program for ODBC
From: Luis Rodriguez <luisro58@xxxxxxxxx>
Date: Tue, 19 May 2015 08:39:45 -0430
List-archive: <http://archive.midrange.com/midrange-l/>
List-help: <mailto:midrange-l-request@midrange.com?subject=help>
List-id: Midrange Systems Technical Discussion <midrange-l.midrange.com>
List-post: <mailto:midrange-l@midrange.com>
List-subscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=subscribe>
List-unsubscribe: <http://lists.midrange.com/mailman/options/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=unsubscribe>

Adam,

Sometime ago I set up a crude ODBC authorization tool in our shop using,
besides the exit point, a control file that specified the User ID and the
"access level" that user had (SELECT/INSERT/UPDATE/DELETE). So what I did
was to scan the SQL statement and, if it had a keyword I didn't like
according to the access level (SELECT/INSERT/UPDATE/DELETE) the statement
was denied (Did I mention it was crude approach?).

There was also a list of statements that weren't allowed under any
circumstances (eg., ALTER, GRANT, REVOKE, etc).

HTH,

Luis Rodríguez

Luis Rodriguez
IBM Certified Systems Expert — eServer i5 iSeries

As an Amazon Associate we earn from qualifying purchases.

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.