DB2

DB2 is IBM's offering to the highend database market. The latest version of DB2 (Universal Database) is ideal for OLTP, Data Warehousing, Decision Support and everything in between. It's well priced, extremely scalable and runs on virtually every platform out there from handhelds to mainframes.

DB2 Fenced user questions...


Would like some info. on the proper use of the fenced user. From IBM they say...
"The fenced user is used to run user defined functions (UDFs) and stored procedures outside of the address space used by the DB2 database."
What address spaces would be outside of the DB2 database? Does this mean running stored procedures in another database within the same instance?
Also, would this be the appropriate user for limiting or restricting access to tables owned by the DB2Admin? Or should I create another user for that purpose?
Regards,
Mike
Originally Posted by PanamaMike
What address spaces would be outside of the DB2 database?
Here address space means a range of memory addresses that a particular process is allowed to access. A fenced process runs separately from the DB2 instance process(es) and as such cannot corrupt instance memory if something goes wrong.
Originally Posted by PanamaMike
Does this mean running stored procedures in another database within the same instance?
No.
Originally Posted by PanamaMike
Also, would the be the appropriate user to limiting or restricting access to tables owned by the DB2Admin?
No. A fenced user ID usually has no permissions in the database, except those granted to PUBLIC.
An additional thing for the fenced user is to make sure that user doesn't have privileges on the operating system level to access files owned by the DB2 instance owner. That way, you cannot even have a malicious fenced UDF or stored proc meddling around with your database on this level.
Originally Posted by n_i
Here address space means a range of memory addresses that a particular process is allowed to access. A fenced process runs separately from the DB2 instance process(es) and as such cannot corrupt instance memory if something goes wrong.
No.
No. A fenced user ID usually has no permissions in the database, except those granted to PUBLIC.
Thanks for the responses, this helps clarify.
Originally Posted by stolze
An additional thing for the fenced user is to make sure that user doesn't have privileges on the operating system level to access files owned by the DB2 instance owner. That way, you cannot even have a malicious fenced UDF or stored proc meddling around with your database on this level.
Thanks, this is helpful and provides good insight to the use of a fenced user.
Regards,
Mike

Related Links

questions about answer
Get information about a table
Is creating indexes on date cols fo MAX /MIN aggregate functions good?
Sql prepare and the optimizer
Is there any command in UDB/Linux to List all mount points for a given instance?
sql stored procedure default parameter
Z/os Db2 Unload Utility Question
getting current time in SQL
Get diagnostics exception - error line
I need to force application one bye one as script in Solaries
S04E for COBOL/DB2 stored procedure
Is Reorg needed after table LOAD?
AUTORESIZE in DB2 V8.2
question about IDENTITY
**Error while configuring DB2 client : URGENT**
about creat a table

Categories

DataBase Dev
MongoDB
Adabas
DB2
Informix
Microsoft SQL Server
MySQL
Oracle
Pervasive.SQL
PostgreSQL
Sybase
Other
ASP
Crystal Reports
Delphi, C etc
JAVA
Perl and the DBI
PHP
ANSI SQL
Unix Shell Scripts
Visual Basic
Brilliant Database
Corel Paradox
FileMaker
Microsoft Access
Microsoft Excel
Other PC Databases
New Members & Introduc...
Applications & Tools
Database Concepts & De...
Chit Chat
Marketplace
Job Opportunities
Suggestions & Feedback

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App