15.00 - When to Specify Unprotected Mode - Teradata Database

Teradata Database SQL Data Definition Language Detailed Topics

Teradata Database
Release Number
Content Type
Programming Reference
Publication ID
English (United States)

When to Specify Unprotected Mode

To protect the system from new external routines that have not yet passed your quality metrics, the default execution mode for all external routines is EXECUTE PROTECTED. If the default specification for CREATE/REPLACE PROCEDURE were EXECUTE NOT PROTECTED, then an error in the created function could crash the system.

Protected mode is a database state that traps on memory address violations, corrupted data structures, and illegal computations, such as divide-by-zero, to ensure they do not crash the system. Protected mode does not detect or protect against CPU and memory loops or operating system I/Os such as opening external files to read from or write to them.

This execution mode isolates all of the data the external routine might access as a separate process, or “server” in its own local work space (see SQL External Routine Programming for details). If any memory violation or other system error occurs, then the error is localized to the routine and the transaction executing it, not the entire database (see “Protected and Unprotected Execution Modes” on page 246 for more information).

Because this isolation also makes the routine run slower, you should change its protection mode to unprotected once it has passed all your quality metrics for being put into production use. You change the execution mode for the routine with a simple ALTER PROCEDURE request (see “ALTER PROCEDURE (External Form)” on page 24) and specifying the EXECUTE NOT PROTECTED option.

Do not make this change for any procedure that makes OS system calls. Any such procedure should always be run in protected mode. You do not need to recompile or relink the external routine after changing its protection mode.

As a rule, the DBA should only specify direct execution mode (assigned by the EXECUTE NOT PROTECTED option) for a procedure that performs CPU‑only operations after it has been thoroughly debugged. No other user than the DBA, not even the software engineer who writes a UDF, should be granted the privileges to alter it to run in unprotected mode. Never run external routines that cause the OS to consume system resources in unprotected mode. This includes anything that causes the OS to allocate system context, including open files, pipes, semaphores, tokens, threads (processes), and so on.

The following table summarizes how the external procedure protection mode options should be used.


IF …

THEN specify …

you are still developing and debugging a procedure


the procedure opens a file or uses another operating system resource that requires tracking by the operating system

This includes anything that causes the OS to allocate system context, including open files, pipes, semaphores, tokens, threads (processes), and so on.


Running such a procedure in unprotected mode could interfere with the proper operation of the Teradata Database.

the procedure is linked with CLIv2 or is written in Java


External procedures that are linked with CLIv2 can only run in protected mode.

the procedure is a computational procedure that does not use any operating system resources


Running an external procedure in unprotected mode speeds up the processing of the function considerably.

Use this option only after thoroughly debugging the procedure and making sure it produces the correct output.