2.2 Secure the database container directory

Information

A DB2 database container is the physical storage of the data.

The containers are needed for the database to operate properly, and losing them can cause downtime. Allowing excessive access to the containers may also help an attacker gain access to their contents. Therefore, secure the location(s) of the containers by restricting access and ownership. Allow only the instance owner to have access to the tablespace containers.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Set the privileges for the directory of the containers. The recommended values are that only DB2 administrators have full access, and all other users have read-only access.
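One way to review a container directory against these values on a Unix-like host, as an added example that is not part of the benchmark or of Nessus: it lists every entry that is not owned by the instance owner or that group or other users can write to. The function name, the directory argument and the owner argument are assumptions, and it assumes the instance owner is the only account that needs write access.

```shell
#!/bin/sh
# Added example, not from the benchmark. check_container_dir is a hypothetical
# helper; DIR and OWNER are supplied by the reviewer.
#
# check_container_dir DIR OWNER
#   DIR   - directory holding the tablespace containers
#   OWNER - instance owner (user name or numeric UID)
# Prints each offending path. Returns:
#   0  every entry is owned by OWNER and not writable by group/others
#   1  at least one entry violates that
#   2  the check could not be completed (bad DIR, unknown OWNER, unreadable subtree)
check_container_dir() {
    dir=$1
    owner=$2

    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi

    # Symbolic links are skipped because their own mode bits are not enforced.
    # -perm -020 matches group-writable, -perm -002 matches world-writable.
    findings=$(find "$dir" ! -type l \
        \( ! -user "$owner" -o -perm -020 -o -perm -002 \) -print) || return 2

    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Stand-alone use: sh check.sh <container-dir> <instance-owner>
if [ "$#" -eq 2 ]; then
    check_container_dir "$1" "$2"
fi
```

A return code of 2 means the review is incomplete, so treat it as a finding to investigate rather than as a pass.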

See Also

https://workbench.cisecurity.org/files/1654