home clear 64x64
en blue 200x116 de orange 200x116 info letter User
suche 36x36
Neueste VersionenFixList
11.1.0.7 FixList
10.5.0.9 FixList
10.1.0.6 FixList
9.8.0.5 FixList
9.7.0.11 FixList
9.5.0.10 FixList
9.1.0.12 FixList
Haben Sie Probleme? - Kontaktieren Sie uns.
Kostenlos registrieren anmeldung-x26
Kontaktformular kontakt-x26

DB2 - Problembeschreibung

Problem IC68015 Status: Geschlossen

SECURITY: FUNCTIONS ARE NOT INVALIDATED NOR DROPPED ALTHOUGH OWNER LOSES
PRIVILEGES VIA PUBLIC TO ACCESS UNDERLYING OBJECTS.

Produkt:
DB2 FOR LUW / DB2FORLUW / 970 - DB2
Problembeschreibung:
When privileges on a database object are revoked from PUBLIC, 
the dependent functions are not being marked INVALID.  Hence, 
users with execute privilege on the function are still able to 
call it successfully.  If already impacted by this APAR, 
affected functions should either be dropped and recreated 
manually or the owner of the functions should be granted 
sufficient privilege to access underlying database objects as 
appropriate.
Problem-Zusammenfassung:
**************************************************************** 
* USERS AFFECTED:                                              * 
* All DB2 Version 9.7 GA through to Fix Pack 2 servers         * 
* onLinux, Unix and Windows that rely on privileges to PUBLIC  * 
* tocontrol privileges.                                        * 
**************************************************************** 
* PROBLEM DESCRIPTION:                                         * 
* Incorrect checking leads to an exposure where users arestill * 
* able to use functions that depend on other databaseobjects,  * 
* for which privileges have been revoked via PUBLIC.           * 
**************************************************************** 
* RECOMMENDATION:                                              * 
* Grant privileges explicitly to groups, roles or usersinstead * 
* of relying on privileges via PUBLIC.                         * 
****************************************************************
Local-Fix:
Grant and revoke privileges to specific users, groups or roles 
on database objects that user defined functions depend on 
instead of to PUBLIC.  Otherwise, apply DB2 Version 9.7 Fix Pack 
3.
verfügbare FixPacks:
DB2 Version 9.7 Fix Pack 3a for Linux, UNIX, and Windows
DB2 Version 9.7 Fix Pack 4 for Linux, UNIX, and Windows
DB2 Version 9.7 Fix Pack 5 for Linux, UNIX, and Windows
DB2 Version 9.7 Fix Pack 6 for Linux, UNIX, and Windows
DB2 Version 9.7 Fix Pack 7 for Linux, UNIX, and Windows
DB2 Version 9.7 Fix Pack 8 for Linux, UNIX, and Windows
DB2 Version 9.7 Fix Pack 9 for Linux, UNIX, and Windows
DB2 Version 9.7 Fix Pack 9a for Linux, UNIX, and Windows
DB2 Version 9.7 Fix Pack 10 for Linux, UNIX, and Windows

Lösung
Problem first fixed in DB2 Version 9.7 Fix Pack 3 and all 
subsequent Fix Packs.
Workaround
keiner bekannt / siehe Local-Fix
Bug-Verfolgung
Vorgänger  : APAR is sysrouted TO one or more of the following: IC69537 
Nachfolger : 
Weitere Daten
Datum - Problem gemeldet    :
Datum - Problem geschlossen :
Datum - der letzten Änderung:
19.04.2010
14.09.2010
20.09.2010
Problem behoben ab folgender Versionen (IBM BugInfos)
9.7.FP3
Problem behoben lt. FixList in der Version