Privileges on objects

ANSI-compliant databases and non-ANSI-compliant databases differ as to which users are granted table-level privileges by default when a table in a database is created. ANSI standards specify that the database server grants only the table owner (and the DBA if they are not the same user) any table-level privileges. In a database that is not ANSI-compliant, however, privileges are granted to PUBLIC. In addition, the database server provides two table-level privileges, Alter and Index, that are not included in the ANSI standards.

To run a user-defined routine, you must have the Execute privilege for that routine. When you create an owner-privileged procedure for an ANSI-compliant database, only the owner of the user-defined routine has the Execute privilege. When you create an owner-privileged routine in a database that is not ANSI-compliant, the database server grants the Execute privilege to PUBLIC by default.

Setting the NODEFDAC environment variable to 'yes' causes a database that is not ANSI-compliant to emulate the behavior of an ANSI-compliant database in not granting privileges to PUBLIC automatically when a user creates a table or an owner-privileged routine. For more information about privileges, see Grant and limit access to your database and the description of the GRANT statement in the HCL OneDB™ Guide to SQL: Syntax.