Teradata Client Software Enforcement of Trusted Sessions - Analytics Database - Teradata Vantage

SQL Data Control Language

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-07-11
dita:mapPath
sgu1628111251052.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
dvv1472243528022
lifecycle
latest
Product Category
Teradata Vantage™

Client software enables the enforcement of this security feature by providing code developers with the ability to indicate whether an SQL request is trusted or not. To do this for a CLIv2 application, use the Trusted flag of the CLIv2 Options parcel to specify Y if a request is trusted or N if a request is not.

You should always code your trusted user-based middle tier applications using Parcel Mode Fetch CLIv2 operations only. If you code the application using a CLIv2 Buffer Mode Fetch operation, it becomes possible for nontrusted users to construct their own Options parcels and inject nontrusted SQL code into the application.

Refer to either Teradata® Call-Level Interface Version 2 Reference for Workstation-Attached Systems, B035-2418 or Teradata® Call-Level Interface Version 2 Reference for Mainframe-Attached Systems, B035-2417, as appropriate, for detailed information about the Options parcel and how CLIv2 applications can be coded using Parcel Mode Fetch operations and the DBCAREA.

Each of the Teradata application APIs provides a mechanism for applications to specify whether requests are to be trusted or not. This mechanism prohibits an SQL request from being upgraded from a nontrusted status to trusted status. Refer to the appropriate Teradata Tools and Utilities documentation to determine how the API you are using for your middle tier application handles this feature.