Path: utzoo!utgpu!jarvis.csri.toronto.edu!clyde.concordia.ca!uunet!snorkelwacker!husc6!bochner From: bochner@abacus.harvard.edu (Harry Bochner) Newsgroups: comp.databases Subject: Permissions on views in INFORMIX Message-ID: Date: 13 Feb 90 17:40:02 GMT Sender: news@husc6.harvard.edu Distribution: comp.databases Organization: Aiken Computation Lab, Harvard University Lines: 19 It seems like one of the main features of views is to provide user access control: if you create a view that selects exactly the data that belongs to a particular user, you should be able to grant that user select permission on just that view, while denying access to the underlying tables. That way you get access control exactly customized to the user. It does work this way in some versions of SQL (I think), but apparently not in INFORMIX, according the experiments I just tried in ISQL 2.10.03F (on a sun4). I was able to select through the view only when selection permission was granted on the underlying tables as well. That seems to make views useless for protection purposes. Am I missing something, or do I have to find some other way to restrict access to the data? Thanks for any suggestions ... -- Harry Bochner bochner@endor.harvard.edu