DB2 Security – Authorisasi

Terkadang kita mengalami kebingungan akan authorisasi masing-masing orang. Dengan menggunakan command get authorizations kita dapat melihat authorisasi dari seseorang.

Berikut contohnya
db2 connect to
db2 get authorizations

—————————————————————–
Administrative Authorizations for Current User

Direct SYSADM authority = NO
Direct SYSCTRL authority = NO
Direct SYSMAINT authority = NO
Direct DBADM authority = YES
Direct CREATETAB authority = NO
Direct BINDADD authority = NO
Direct CONNECT authority = NO
Direct CREATE_NOT_FENC authority = NO
Direct IMPLICIT_SCHEMA authority = NO
Direct LOAD authority = NO
Direct QUIESCE_CONNECT authority = NO
Direct CREATE_EXTERNAL_ROUTINE authority = NO
Direct SYSMON authority = NO

Indirect SYSADM authority = YES
Indirect SYSCTRL authority = NO
Indirect SYSMAINT authority = NO
Indirect DBADM authority = NO
Indirect CREATETAB authority = YES
Indirect BINDADD authority = YES
Indirect CONNECT authority = YES
Indirect CREATE_NOT_FENC authority = NO
Indirect IMPLICIT_SCHEMA authority = YES
Indirect LOAD authority = NO
Indirect QUIESCE_CONNECT authority = NO
Indirect CREATE_EXTERNAL_ROUTINE authority = NO
Indirect SYSMON authority = NO
—————————————————————–

Direct merupakan authorisasi yang langsung dimiliki oleh user tersebut, sedangkan indirect bearti user tersebut mendapat hak tersebut dari group.

Namun jika kita teliti lebih lanjut, diatas tidak terdapat keterangan mengenai siapa pemilik SECADM. Hal ini dapat diketahui dengan menggunakan perintah dibawah

db2 select grantee from syscat.dbaere securityadmauth = ‘Y’

Namun mulai DB2 9.5 command GET AUTHORIZATIONS sudah deprecated. Selanjutnya sebuah function disediakan untuk mendapatkan informasi mengenai authorisasi. Function ini bernama AUTH_LIST_AUTHORITIEs_FOR_AUTHID(‘authid’,'authidtype’).

SELECT char(authority, 26) authority, d_user, d_group, d_public,role_user, role_group, role_public, d_role FROM TABLE (AUTH_LIST_AUTHORITIEs_FOR_AUTHID (‘DB2ADMIN’, ‘U’)) as T

Sumber
- DB2 Security and Comp

This entry was posted in DB2 and tagged , , , , , , , , , . Bookmark the permalink.

2 Responses to DB2 Security – Authorisasi

  1. Agus Suhanto says:

    terimakasih a atas postingnya yg menarik… kenalkan saya Agus Suhanto

  2. denysutani says:

    Salam kenal juga. Penggemar DB2 juga y? Jangan lupa bergabung ke milisnya y.

    http://tech.groups.yahoo.com/group/Indo-DB2/

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>