6.20 Restrict Access to SYSCAT.SEQUENCEAUTH

Information

The SYSCAT.SEQUENCEAUTH view contains users, groups, or roles granted privilege(s) on a sequence. It is recommended that the PUBLIC role be restricted from accessing this view.

Solution

Perform the following to revoke access from PUBLIC.
1. Connect to the DB2 database.
db2 => connect to $DB2DATABASE user $USERNAME using $PASSWORD
2. Run the following command from the DB2 command window-
db2 => REVOKE SELECT ON SYSCAT.SEQUENCEAUTH FROM PUBLIC

See Also

https://workbench.cisecurity.org/files/162

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6

Plugin: IBM_DB2DB

Control ID: aef55e4cbe020d09c0f35222384135b8b4994cee8fe39df3f9b08e939924dc68