DB2 public許可權相關
--檢視public擁有的表或檢視的許可權
db2 " select char(grantee,20) as grantee, char(tabname,40) as tabname,
controlauth, alterauth, deleteauth , insertauth, selectauth, updateauth
from syscat.tabauth where grantee='PUBLIC' and tabname like '%AUTH%'
"
db2 " select char(grantee,20) as grantee, char(tabname,40) as tabname,
controlauth, alterauth, deleteauth , insertauth, selectauth, updateauth
from syscat.tabauth where grantee='PUBLIC' and tabname like '%AUTH%'
"
---------------------------------------------------------------
資料庫在 Restrict 模式下,授權使用者:test
db2 grant use of TABLESPACE USERSPACE1 to test
db2 grant IMPLICIT_SCHEMA ON DATABASE to test
db2 grant CREATETAB ON DATABASE to test
db2 grant dataaccess on DATABASE to test
db2 grant connect on database to test
db2 grant usage on workload sysdefaultuserworkload to user test
資料庫在 Restrict 模式下,授權使用者:test
db2 grant use of TABLESPACE USERSPACE1 to test
db2 grant IMPLICIT_SCHEMA ON DATABASE to test
db2 grant CREATETAB ON DATABASE to test
db2 grant dataaccess on DATABASE to test
db2 grant connect on database to test
db2 grant usage on workload sysdefaultuserworkload to user test
db2 revoke connect ,bindadd,createtab on database from public;
--restrictive 為 YES,不把相關許可權授予public
db2 get db cfg for testdb | grep -i restrict
--------------------------------------------------------------------------------------------------------
REVOKE BINDADD ON DATABASE FROM PUBLIC;
REVOKE CREATETAB ON DATABASE FROM PUBLIC;
REVOKE CONNECT ON DATABASE FROM PUBLIC;
REVOKE IMPLICIT_SCHEMA ON DATABASE FROM PUBLIC;
REVOKE USE OF TABLESPACE USERSPACE1 FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.COLAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.DBAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.INDEXAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.PACKAGEAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.PASSTHRUAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.ROUTINEAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SCHEMAAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SECURITYLABELACCESS FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SECURITYPOLICYEXEMPTIONS FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SEQUENCEAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SURROGATEAUTHIDSFROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.TABAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.TBSPACEAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.XSROBJECTAUTHFROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.AUTHORIZATIONIDS FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.OBJECTOWNERS FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.PRIVILEGES FROM PUBLIC;
Grant DBADM ON DATABASE FROM USER jeff
REVOKE BINDADD ON DATABASE FROM PUBLIC;
REVOKE CREATETAB ON DATABASE FROM PUBLIC;
REVOKE CONNECT ON DATABASE FROM PUBLIC;
REVOKE IMPLICIT_SCHEMA ON DATABASE FROM PUBLIC;
REVOKE USE OF TABLESPACE USERSPACE1 FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.COLAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.DBAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.INDEXAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.PACKAGEAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.PASSTHRUAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.ROUTINEAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SCHEMAAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SECURITYLABELACCESS FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SECURITYPOLICYEXEMPTIONS FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SEQUENCEAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.SURROGATEAUTHIDSFROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.TABAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.TBSPACEAUTH FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.XSROBJECTAUTHFROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.AUTHORIZATIONIDS FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.OBJECTOWNERS FROM PUBLIC;
REVOKE SELECT ON TABLE SYSCAT.PRIVILEGES FROM PUBLIC;
Grant DBADM ON DATABASE FROM USER jeff
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/22661144/viewspace-1477191/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- pg許可權相關
- Oracle許可權相關查詢Oracle
- oracle許可權相關檢視Oracle
- public, private, protected 訪問許可權訪問許可權
- APP許可權相關的東西APP
- DB2許可權與授權DB2
- 系統、角色、物件相關許可權字典物件
- 系統許可權相關資料字典
- public_html的許可權問題(轉)HTML
- Oracle使用者訪問許可權與PUBLIC角色的關係Oracle訪問許可權
- iOS相關許可權檢測和申請iOS
- DB2許可權管理的理解DB2
- 動態許可權相關的幾個庫分析
- GitHub的Repository許可權將public轉為privateGithub
- Oralce public access 許可權的回收後影響分析
- MySQL資料庫許可權體系入門(6)---管理表、列及程式相關許可權MySql資料庫
- Oracle許可權(二)許可權相關的動態效能檢視與資料字典檢視Oracle
- 【Mysql】flushprivilges重新整理系統許可權相關表MySql
- 和物件許可權相關的表table_privilege_map物件
- DB2的4種查詢許可權DB2
- 【Mysql】flush privilges 重新整理系統許可權相關表MySql
- 關於動態許可權
- 【轉】關於MySQL許可權MySql
- 關於mysql許可權管理MySql
- Oracle的物件許可權、角色許可權、系統許可權Oracle物件
- 許可權之選單許可權
- 【Linux】淺析檔案屬性與許可權相關命令Linux
- Linux使用者/使用者組/許可權相關命令Linux
- 如何用 Vue 實現前端許可權控制(路由許可權 + 檢視許可權 + 請求許可權)Vue前端路由
- linux 檔案許可權 s 許可權和 t 許可權解析Linux
- DB2最小化許可權管理實現方案DB2
- 關於 Laravel 日誌許可權Laravel
- 許可權系統:一文搞懂功能許可權、資料許可權
- Linux-許可權管理(ACL許可權)Linux
- AIX 的許可許可權(轉)AI
- postgresql關於許可權的總結SQL
- Android系統許可權和root許可權Android
- 在updata物料主資料時,對相關VIEW的許可權check方法.View