Granting the Execute privilege to PUBLIC

The GRANT statement supports syntax for granting access to the PUBLIC group, which includes all users who hold the Connect privilege on the database.

Figure 1: GRANT EXECUTE TO PUBLIC

1  GRANT  Routine level privileges   TO PUBLIC?  AS ' grantor '
Element Description Restrictions Syntax
grantor Owner of the UDR Cannot be a role Owner name

This statement enables everyone in the PUBLIC group to execute the specified routine. It overrides the NODEFDAC environment variable, if that is set to prevent the PUBLIC group from receiving Execute privilege on the routine by default. This statement also enables users who do not hold the DBA privilege to execute the specified routine, whether that routine was created with the DBA keyword.

Only users who hold the DBA privilege can specify the AS grantor clause. The specified grantor must be the owner of the specified routine, as listed in the owner column of the sysprocedures system catalog table. The grantor cannot be the name of a role or the PUBLIC keyword.

In an ANSI-compliant database, the AS grantor clause is required, rather than optional, if the DBA who issues the GRANT EXECUTE statement is not the owner of the specified routine.

Only the user specified in the optional AS grantor clause can use the REVOKE statement of SQL to revoke the Execute privilege from the PUBLIC group

The user specified in the optional AS grantor clause can use the REVOKE statement to revoke the Execute privilege from the PUBLIC group.