Unanswered: Revoke privileges from PUBLIC on NULLID
(DB2 UDB V8.1 FP5, AIX)
I have a few questions related to privileges granted to PUBLIC on package schema NULLID:
- Is it a security threat if PUBLIC has privileges on NULLID?
- What if I revoke BIND & EXECUTE on all packages within NULLID?
- What happens when new packages are created. Is PUBLIC granted privileges on newly created packages also.
- How to differentiate between system defined and user defined packages?
I realise that SYSIBM is grantor for quite a few of them and there is a naming convention for packages. But still I can find some packages starting with 'SQL' with SYSIBM as grantor. I've searched a lot but could not find the impact of revoking these privileges from PUBLIC. I've also checked the V9.1 database creation option of RESTRICTIVE but currently I am on DB2 UDB v8.1 FP5.
the package from nuliid are these used by db2 itself
command line - import .. all other utilities
they are grouped by 2 lists : db2cli.lst and db2ubind.lst
multiple copies are available for all versions/release of any client
do not revoke them..
Best Regards, Guy Przytula
Database Software Consultant
Good DBAs are not formed in a week or a month. They are created little by little, day by day. Protracted and patient effort is needed to develop good DBAs.
Spoon feeding : To treat (another) in a way that discourages independent thought or action, as by overindulgence.
DB2 UDB LUW Certified V7-V8-V9-V9.7-V10.1-V10.5 DB Admin - Advanced DBA -Dprop..
Information Server Datastage Certified http://www.infocura.be