6.1.14 Secure LOAD Authority

Information

The LOAD role grants the authority to a user to load data into tables. It is recommended that the LOAD role be granted to authorized users only.

Rationale:

All users that have access to this authority should be regularly reviewed.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Revoke this permission from any unauthorized users.

Connect to the Db2 database.

db2 => connect to <dbname>

Run the following command:

db2 => REVOKE LOAD ON DATABASE FROM USER <username>

See Also

https://workbench.cisecurity.org/benchmarks/10752

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: IBM_DB2DB

Control ID: 2487110844707040c4c46db018ab97df5b1e7e7aa36e5318b998ebc6cba89794