Information
Roles provide several advantages that make it easier to manage privileges in a database system. Security administrators can control access to their databases in a way that mirrors the structure of their organizations (they can create roles in the database that map directly to the job functions in their organizations). The assignment of privileges is simplified. Instead of granting the same set of privileges to each individual user in a particular job function, the administrator can grant this set of privileges to a role representing that job function and then grant that role to each user in that job function.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
To remove a role from the database-
1. Attach to a DB2 Instance-
db2 => attach to $DB2INSTANCE
2 Connect to DB2 database-
db2 => connect to $DBNAME
3. Run the following-
db2 => drop role <role name>