Documentation - V-213718

V-213718

IBM DB2 V10.5 LUW Security Technical Implementation Guide

CAT I

Title

DB2 must prevent non-privileged users from executing privileged functions, to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Description

<VulnDiscussion>Preventing non-privileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges. System documentation should include a definition of the functionality considered privileged. Depending on circumstances, privileged functions can include, for example, establishing accounts, performing system integrity checks, or administering cryptographic key management activities. Non-priv...

Fix Text (Documentation Requirement)

Use appropriate OS utility to remove the non-authorized users form privileged groups. Use REVOKE command to revoke database level or object privileges from non-authorized users. Note: The following views and table functions list information about privileges held by users, identities of users granting privileges, and object ownership: SYSCAT.COLAUTH: Lists the column privileges SYSCAT.DBAUTH: Lists the database privileges SYSCAT.INDEXAUTH: Lists the index privileges SYSCAT.MODULEAUTH: Lists the module privileges SYSCAT.PACKAGEAUTH: Lists the package privileges SYSCAT.PASSTHRUAUTH: Lists the server privilege SYSCAT.ROLEAUTH: Lists the role privileges SYSCAT.ROUTINEAUTH: Lists the routine (functions, methods, and stored procedures) privileges SYSCAT.SCHEMAAUTH: Lists the schema privileges ...

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel