15.10 - EXTERNAL SECURITY - Teradata Database

Teradata Database SQL Data Definition Language Syntax and Examples

prodname
Teradata Database
vrm_release
15.10
created_date
December 2015
category
Programming Reference
featnum
B035-1144-151K

Keywords introducing the external security clause.

This clause is mandatory for methods that perform operating system I/O operations.

If you do not specify an external security clause, but the method being defined performs OS I/O, then the results of that I/O are unpredictable. The most likely outcome is crashing the database, and perhaps crashing the entire system.

See the CREATE FUNCTION/REPLACE FUNCTION topic “External Security Clause” in SQL Data Definition Language - Detailed Topics, B035-1184 for information about the EXTERNAL SECURITY clause and how it is used for UDFs. This information generalizes to all external routines, including methods and external SQL procedures.

See CREATE AUTHORIZATION and REPLACE AUTHORIZATION for information about creating authorizations for external routines.

DEFINER
The method runs in the client user context of the associated security authorization object created for this purpose, which is contained within SYSUDTLIB.
  • If you specify an authorization name, you must define an authorization object with that name before you can invoke the method.
  • If you do not specify an authorization name, you must define a default DEFINER authorization object.
The default authorization object must be defined before a user can run the method.
The system reports a warning if the specified authorization name does not exist at the time the method is created, stating that no authorization name exists.
See CREATE AUTHORIZATION and REPLACE AUTHORIZATION.
authorization_name
An optional authorization name.
INVOKER
The method runs in the OS user context with the associated default authorization object that exists for this purpose.
See CREATE AUTHORIZATION and REPLACE AUTHORIZATION.