Hi,

the database "sysuser" is relatively new (introduced with 9.40) and is
only
used to enable authentication for remote connections from client
applications that cannot handle PAM (Pluggable Authentication Modules)
challenges. E.g. I-Star connections are such scenarios. This means that
normally the sysuser database is not used.

Traditionally with IDS database users are not administered inside the
database. Instead, IDS relies on UNIX's user administration and
authentication. I.e. a user who has a UNIX login on the IDS server machine
can also connect to the database server.

For controlling access to databases, tables, views, use SQL statements
like GRANT and REVOKE. Also there are several levels of access rights
(READ, UPDATE, ...). Check the various IBM Informix Manuals to understand
the underlying concepts and get acquainted to the commands ...

Didn't I write a pretty much similar e-mail just last week ?

Regards,
Martin
--
Martin Fuerderer
IBM Informix Development Munich, Germany
Information Management

owner-informix-list@iiug.org wrote on 30.03.2005 01:23:10:
> So I've been experimenting to try and understand Informix permissions.
>
> Looking at the sysuser table, there are 3 entries. One of those three is
> "public". Is "public" a special user? Do users that connect to
> Informix but don't exist in the sysuser table get the "public"
> permissions?
>
> I ask this, because if I connect as a user that exists on the server but
> not within Informix, I seem to have full privileges to select, create,
> update, delete anything I want. I want to understand how best to lock
> things down a little bit. It would be nice to prevent everybody from
> being able to connect and view the HR/Payroll data for instance -- or to
> alter their scholastic records, etc.
>
> How do others manage database permissions?
>
> Brian McLaughlin
> Administrative Computing
> George Fox University
> (503) 554-2587
>
> sending to informix-list

sending to informix-list