7.11 Secure CREATAB Authority

Information

The CREATAB (create table) role grants the authority to a user to create tables within a specific database. It is recommended that the CREATAB role be granted to authorized users only.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Revoke this permission from any unauthorized users.
1. Connect to the DB2 database.
db2 => connect to $DB2DATABASE user $USERNAME using $PASSWORD
2. Run the following command from the DB2 command window-
db2 => REVOKE CREATAB ON DATABASE FROM USER <username>

See Also

https://workbench.cisecurity.org/files/162