3.1.3 Require explicit authorization for cataloging

Information

DB2 can be configured to allow users that do not possess the SYSADM authority to catalog and uncatalog databases and nodes. It is recommended that the catalog_noauth parameter be set to NO.

Solution

Perform the following to require explicit authorization to catalog and uncatalog databases and nodes.
1. Attach to the DB2 instance
db2 => attach to $DB2INSTANCE
2. Run the following command from the DB2 command window-
db2 => update database manager configuration using catalog_noauth no

See Also

https://workbench.cisecurity.org/files/162

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(5), CSCv6|5.1

Plugin: Unix

Control ID: 2f06df8effd0cea9cf506acf43d1d04cc1d147312ed5a01d753a63c0265884aa