[求救]请问如何撤销public的CREATEINAUTH权限?
SQL: SELECT substr(grantor,1,10),substr(GRANTEE,1,10),GRANTEETYPE,
substr(SCHEMANAME,1,10),CREATEINAUTH
FROM syscat.SCHEMAAUTH
WHERE grantee= 'PUBLIC' AND CREATEINAUTH <>'N'
Grantor Grantee Grantee Type Schema CreateinAuth
SYSIBM PUBLIC G IPST Y
我尝试使用过db2 "REVOKE SELECT ON TABLE SYSCAT.SCHEMAAUTH FROM PUBLIC" 这个命令,不过好像对这个issue没有作用啊。
ipst-/ips/test/home/Security> db2 "REVOKE SELECT ON TABLE SYSCAT.SCHEMAAUTH FROM PUBLIC"
DB21034E The command was processed as an SQL statement because it was not a
valid Command Line Processor command. During SQL processing it returned:
SQL0556N An attempt to revoke a privilege from "PUBLIC" was denied because
"PUBLIC" does not hold this privilege. SQLSTATE=42504
ipst-/ips/test/home> db2 describe table SYSCAT.SCHEMAAUTH
Column Type Type
name schema name Length Scale Nulls
------------------------------ --------- ------------------ -------- ----- ------
GRANTOR SYSIBM VARCHAR 128 0 No
GRANTEE SYSIBM VARCHAR 128 0 No
GRANTEETYPE SYSIBM CHARACTER 1 0 No
SCHEMANAME SYSIBM VARCHAR 128 0 No
ALTERINAUTH SYSIBM CHARACTER 1 0 No
CREATEINAUTH SYSIBM CHARACTER 1 0 No
DROPINAUTH SYSIBM CHARACTER 1 0 No
7 record(s) selected.
然后我尝试使用update直接更新这个SCHEMAAUTH,但是错误:
ipst-/ips/test/home> db2 "update SYSCAT.SCHEMAAUTH set CREATEINAUTH='N' where grantee='PUBLIC'"
DB21034E The command was processed as an SQL statement because it was not a
valid Command Line Processor command. During SQL processing it returned:
SQL0607N "UPDATE" is not defined for system objects. SQLSTATE=42832
有人说由于是SYSCAT视图,所以无法更改其内容。郁闷死了.....
请高手指教哦相关解决方法,感谢感谢~!
|
