home clear 64x64
en blue 200x116 de orange 200x116 info letter User
suche 36x36
Latest versionsfixlist
11.1.0.7 FixList
10.5.0.9 FixList
10.1.0.6 FixList
9.8.0.5 FixList
9.7.0.11 FixList
9.5.0.10 FixList
9.1.0.12 FixList
Have problems? - contact us.
Register for free anmeldung-x26
Contact form kontakt-x26

DB2 - Problem description

Problem IT31969 Status: Closed

EXTRA PRIVILEGES ON NULLID.ATSO05 PACKAGE ARE ADDED TO PUBLIC AFTER
RESTORING OLDER RESTRICTIVE DATABASE IMAGE

product:
DB2 FOR LUW / DB2FORLUW / B50 - DB2
Problem description:
The extra BINDAUTH and EXECUTEAUTH privileges on NULLID.ATSO05
package are added to PUBLIC on Db2 v11.5 after restoring older
RESTRICTIVE database image as below.

The original database is a RESTRICTIVE database and the extra
BINDAUTH and EXECUTEAUTH privileges should not be added even
after restoring RESTRICTIVE database.

* The privileges on the original RESTRICTIVE database

$ db2 "select DISTINCT substr(GRANTOR,1,15) as
GRANTOR,substr(GRANTEE,1,15) as
GRANTEE,GRANTEETYPE,substr(PKGSCHEMA,1,15) as
PKGSCHEMA,CONTROLAUTH,BINDAUTH,EXECUTEAUTH from
syscat.PACKAGEAUTH"

GRANTOR         GRANTEE         GRANTEETYPE PKGSCHEMA
CONTROLAUTH BINDAUTH EXECUTEAUTH
--------------- --------------- ----------- ---------------
----------- -------- -----------
SYSIBM          DB2INST1        U           NULLID          Y
G        G
SYSIBM          DB2INST1        U           SYSIBMADM       Y
G        G
SYSIBM          DB2INST1        U           SYSIBMINTERNAL  Y
G        G
SYSIBM          DB2INST1        U           SYSPROC         Y
G        G

  4 record(s) selected.

* The extra privileges on the restored RESTRICTIVE database

$ db2 "select DISTINCT substr(GRANTOR,1,15) as
GRANTOR,substr(GRANTEE,1,15) as
GRANTEE,GRANTEETYPE,substr(PKGSCHEMA,1,15) as
PKGSCHEMA,CONTROLAUTH,BINDAUTH,EXECUTEAUTH from
syscat.PACKAGEAUTH"

GRANTOR         GRANTEE         GRANTEETYPE PKGSCHEMA
CONTROLAUTH BINDAUTH EXECUTEAUTH
--------------- --------------- ----------- ---------------
----------- -------- -----------
SYSIBM          DB2INST1        U           NULLID          Y
G        G
SYSIBM          DB2INST1        U           SYSIBMADM       Y
G        G
SYSIBM          DB2INST1        U           SYSIBMINTERNAL  Y
G        G
SYSIBM          DB2INST1        U           SYSPROC         Y
G        G
DB2INST1        PUBLIC          G           NULLID          N
Y        Y

  5 record(s) selected.

$ db2 "select char(GRANTOR,10) GRANTOR, char(GRANTEE,10)
GRANTEE, GRANTEETYPE, char(PKGSCHEMA,10) PKGSCHEMA,
char(PKGNAME,16) PKGNAME, CONTROLAUTH, BINDAUTH, EXECUTEAUTH
from syscat.PACKAGEAUTH where PKGSCHEMA = 'NULLID' and  GRANTEE
= 'PUBLIC'"

GRANTOR    GRANTEE    GRANTEETYPE PKGSCHEMA  PKGNAME
CONTROLAUTH BINDAUTH EXECUTEAUTH
---------- ---------- ----------- ---------- ----------------
----------- -------- -----------
DB2INST1   PUBLIC     G           NULLID     ATSO05           N
Y        Y
Problem Summary:
****************************************************************
* USERS AFFECTED:                                              *
* RESTRICTIVE DATABASE User                                    *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* See Error Description                                        *
****************************************************************
* RECOMMENDATION:                                              *
* Upgrade to DB2 Version 11.5 FixPack 4 or later               *
****************************************************************
Local Fix:
Revoke privileges from PUBLIC user
Solution


Workaround


not known / see Local fix


BUG-Tracking


forerunner  : 
follow-up : IT32042 


Timestamps


Date  - problem reported    :
Date  - problem closed      :
Date  - last modified       :

24.02.2020
24.04.2020
24.04.2020


Problem solved at the following versions (IBM BugInfos)




Problem solved according to the fixlist(s) of the following version(s)