Granting readonly "select" permission to users in IDS

If you want to create a new database user account with read only access, then you will first have to revoke all access from all the tables and database from public.Then grant access(select/insert/update/delete) to different users as per your discretion.

1. First of all REVOKE ALL pervileges from 'public' on specific tables

REVOKE ALL ON tablename from public

2. Now only grant SELECT

GRANT SELECT ON  tablename TO public


3. Create new shell user in Linux/Unix using 'useradd' command, and update .bashrc (bash) with the informix enviroment variables

4. Grant CONNECT privileges to new user, so that he can connect to database

GRANT CONNECT TO username


New user will only be able to execute SELECT query on which 'public' has been given the privileges, new user will not able to execute INSERT, UPDATE, or any other query.

=================

Database privileges are stored in the system table sysusers. To list all users and their database privileges, 

select * from sysusers;

Table privileges are stored in the system table systabauth

Use the following SQL to list tables and users with table privileges:

select systables.tabname, systabauth.*
from systables, systabauth
where systables.tabid = systabauth.tabid
and systables.tabid > 99
order by tabname;

This statement joins systabauth with systables to retrieve table names from systables and display the users