Routine-level privileges
You can apply the Execute privilege on a user-defined routine (UDR)
to authorize nonowners to execute the UDR. If you create a UDR in
a database that is not ANSI-compliant, the default routine-level privilege
is PUBLIC; you are not required to grant the Execute privilege to
specific users unless you have first revoked it. If you create a routine
in an ANSI-compliant database, no other users have the Execute privilege
by default; you must grant specific users the Execute privilege. The
following example grants the Execute privilege to the user orion so
that orion can use the UDR that is named read_address:
GRANT EXECUTE ON ROUTINE read_address TO orion;The sysprocauth system catalog table records routine-level
privileges. The sysprocauth system catalog table uses a primary
key of the routine number, grantor, and grantee. In the procauth column,
the execute privilege is indicated by a lowercase e
. If the
execute privilege was granted with the WITH GRANT option, the privilege
is represented by an uppercase E
.
For more information about routine-level privileges, see the HCL OneDB™ Guide to SQL: Tutorial.