A user who has DBA rights on a particular database is unable to
grant certain permissions for a table that is owned by a
different DBA user unless the non-owner DBA user is specifically
granted the "grant" permissions for that table by the owner of
the table.
So, for example, if the table named "test_table" is owned by the
"informix" user, but if I am logged in as another user
(testuserdb) that also has DBA rights for the database (i.e.
granted DBA by informix) and I try to run the statement below, I
get this error message:
"302: No GRANT option or illegal option on multi-table view."
grant select on test_table to farias;
I can work around the problem if I log in as the "informix" user
and specifically grant the "grant" rights to the other DBA user
in this manner:
grant all on test_table to testuserdb with grant option;
However, if "testuserdb" has already been granted DBA rights for
the database, then logically we might think that this user
should already be empowered to grant or revoke specific rights
on any table in the database, regardless of when it was created
or who it was created by. In other words, in my example above, I
have to log in as the "informix" user to provide this permission
to the other DBA user (testuserdb).
I noticed in experimenting that as the other DBA user
(testuserdb) I could grant ALL or revoke ALL rights for a table
owned by someone else even if the owner of the table hadn't
given this other DBA user (testuserdb) the "grant" rights, but
that capability is not very helpful because I would normally
want to grant specific table level rights to certain users, such
as select, insert, update, etc. |
