IBM Support

RESTRICT ON DROP

News


Abstract

Database files are at the heart of the business for many IBM i clients. While specific authorization requirements exist to be able to delete any object on the IBM i, database files can now enjoy an added layer of protection from accidental or malicious delete actions.

Content


RESTRICT ON DROP is an attribute that can be added or removed using the ALTER TABLE (SQL) statement. When RESTRICT ON DROP is added, nobody will be allowed to delete or drop that file. Even users with *ALLOBJ user special authority will not be allowed to delete the file.

This protection can be used to protect SQL Tables and DDS-Created Database Physical Files.

If a valid situation exists where the file needs to be deleted, the ALTER TABLE (SQL) statement can be used to remove RESTRICT ON DROP.

restrict on drop example enforcement

See the SQL Reference for details: CREATE TABLE and ALTER TABLE

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"ARM Category":[{"code":"a8m0z0000000CHeAAM","label":"IBM i Db2"}],"ARM Case Number":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.5.0;and future releases"}]

Document Information

Modified date:
03 May 2022

UID

ibm16575527