CREATE SECURITY LEVEL
Use the CREATE SECURITY LEVEL command to create a security level, giving it a name and a value.
Synopsis
Syntax for creating a security
level:
CREATE SECURITY LEVEL <level-name> VALUE <level-number>
Inputs
The CREATE SECURITY LEVEL command has the following inputs:
Input | Description |
---|---|
<level_name> | An identifier for the level name. The name must be unique among security level names. Due to the total size limitation of the system security label field, use short level names. For compatibility with other vendors, do not use delimited identifiers, but use only ASCII characters, and limit name length to 30 characters. |
<level_number> | A positive integer level value 1 - 32766. Higher levels are more secure; lower values are less secure. |
Outputs
The CREATE SECURITY LEVEL command has the following outputs:
Output | Description |
---|---|
CREATE SECURITY LEVEL | The message that the system returns if the command is successful. |
ERROR: permission denied. | You must have Manage Security privilege to create a security level. |
ERROR: level number <number> already exists. | The specified level number exists. A level number can only have one name. |
ERROR: level number <number> is out of range. | The level number must be 1 - 32766. Level number 0 is pre-defined by the system as level PUBLIC. Level number 32767 is pre-defined by the system as level OMNI. Negative level numbers are not allowed. |
ERROR: object <level-name> already exists. | The level name must be different from all other security level names. |
Description
This command creates a security level of the given name. The security manager must carefully allocate level numbers. It is recommended to leave gaps between levels so that a level can be added if needed later.
- Privileges required
- You must have Manage Security privilege to create security levels.
- Common tasks
- Use the CREATE SECURITY LEVEL command to update the system catalog to add the new object, and update the security level name to value mapping.
Usage
The following provides sample usage:
CREATE SECURITY LEVEL SECRET VALUE 99;