Solved: What can a user with SET ANY SECURITY OPTION do? - SAP Community

1,215

SAP Managed Tags:
SAP SQL Anywhere

Apparently there is no list, or even a Help topic that describes exactly what SET ANY SECURITY OPTION allows.

Oh, no, wait, there's this: SET ANY SECURITY OPTION Allows a user to set any PUBLIC security database options.

...well, that was useful ...not ...there is no such thing as "security database option" according to a search of the Help.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

A Hallmark of the security model: So complex only hackers understand it 🙂

In particular: I want to give a user the ability to "SET OPTION PUBLIC.database_authentication", and I want to know what the implications are.

If that is the only option required, wouldn't a separate wrapper procedure do the trick?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

> wouldn't a separate wrapper procedure do the trick?

Yes, indeed, that is the best answer... I am forever grateful for the CREATE PROCEDURE ... SQL SECURITY DEFINER clause.

Every few years I have to check "Is that really the default?" and then I re-discover The Watcom Rule... yes, that is the way it should be done, so yes, that is the way SQL Anywhere does it 🙂

Ask a Question

Top Q&A Solution Author

User

Count

72

18

10

7

7

4

4

4

4

3