Teradata Client Software Enforcement of Trusted Sessions - Advanced SQL Engine

Teradata Client Software Enforcement of Trusted Sessions - Advanced SQL Engine - Teradata Database

SQL Data Control Language

Product

Advanced SQL Engine

Teradata Database

Release Number

17.05

17.00

Published

June 2020

Language

English (United States)

Last Update

2021-01-24

dita:mapPath

lmb1556233084626.ditamap

dita:ditavalPath

lze1555437562152.ditaval

dita:id

B035-1149

lifecycle

Product Category

Teradata® Vantage™ NewSQLEngine

Client software enables the enforcement of this security feature by providing code developers with the ability to indicate whether an SQL request is trusted or not. To do this for a CLIv2 application, use the Trusted flag of the CLIv2 Options parcel to specify Y if a request is trusted or N if a request is not.

You should always code your trusted user-based middle tier applications using Parcel Mode Fetch CLIv2 operations only. If you code the application using a CLIv2 Buffer Mode Fetch operation, it becomes possible for nontrusted users to construct their own Options parcels and inject nontrusted SQL code into the application.

Refer to either Teradata® Call-Level Interface Version 2 Reference for Workstation-Attached Systems, B035-2418 or Teradata® Call-Level Interface Version 2 Reference for Mainframe-Attached Systems, B035-2417, as appropriate, for detailed information about the Options parcel and how CLIv2 applications can be coded using Parcel Mode Fetch operations and the DBCAREA.

Each of the Teradata application APIs provides a mechanism for applications to specify whether requests are to be trusted or not. This mechanism prohibits an SQL request from being upgraded from a nontrusted status to trusted status. Refer to the appropriate Teradata Tools and Utilities documentation to determine how the API you are using for your middle tier application handles this feature.