Revoking and granting privileges to protect audit data
When you create a database as described in the following sections, make sure that the database is protected against unauthorized access.
By default, tables that you create in databases that are not ANSI-compliant have privileges that allow access to all users. Although the default database permissions or access privileges prevent access to the tables, correct security practice protects the audit-analysis table in a database that is not ANSI-compliant by revoking access from all other users as soon as that table is created.
REVOKE ALL ON table FROM PUBLIC;
GRANT ALL ON table TO informix;
After table privileges are revoked, generally with the REVOKE statement, you can grant individual users (for example, user informix) access to the tables with the GRANT statement. For information about SQL statements, see the HCL OneDB™ Guide to SQL: Syntax.
Tables created in ANSI-compliant databases have privileges that allow access only by the owner, which is the appropriate security measure.
In a database that is not ANSI-compliant, you can also use the NODEFDAC environment variable to control access to tables and to UDRs. When set to yes, NODEFDAC prevents default table privileges (Select, Insert, Update, and Delete) from being granted to PUBLIC when a new table is created, and also prevents the Execute privilege from being granted by default to PUBLIC when a new UDR is created in Owner mode. For details, see the description of NODEFDAC in the HCL OneDB Guide to SQL: Reference.
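One way to confirm that the lockdown took effect, added here as an example and not taken from the HCL OneDB documentation. It assumes a hypothetical table name, audit_analysis, and reads the systables and systabauth system catalog tables to show which table-level privileges PUBLIC still holds.

```sql
-- Assumption: audit_analysis is a hypothetical name for the audit-analysis
-- table; substitute the name of the table you created.

-- Lock the table down immediately after creating it.
REVOKE ALL ON audit_analysis FROM PUBLIC;
GRANT ALL ON audit_analysis TO informix;

-- Check 1: list every table-level privilege recorded for the table.
-- In tabauth, a hyphen in a position means that privilege is not granted.
-- After the statements above, grantee 'public' should hold no privileges.
SELECT t.tabname, a.grantor, a.grantee, a.tabauth
  FROM systables t, systabauth a
 WHERE t.tabid = a.tabid
   AND t.tabname = 'audit_analysis';

-- Check 2: sweep the database for user tables (tabid 100 and above)
-- that still carry a privilege entry for PUBLIC. In a database that is
-- not ANSI-compliant, tables created without NODEFDAC set to yes
-- appear here until their privileges are revoked.
SELECT t.owner, t.tabname, a.tabauth
  FROM systables t, systabauth a
 WHERE t.tabid = a.tabid
   AND t.tabid >= 100
   AND a.grantee = 'public'
 ORDER BY t.owner, t.tabname;
```

Running the second query periodically in the audit database catches tables that were created later and never had their default privileges revoked.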