Prevent database user to access another database

On Jul 31, 6:56 am, S.M.Deshpa...@googlemail.com wrote:

Hi,

I have installed DB2 version 8.1 and created two databases, TEST1 and
TEST2. Two operating system users test1 and test2 are mapped to two
database users in TEST1 and TEST2 databases respectively.

Even though test2 user does not exists in TEST1 database, I am able to
connect to TEST1 database using test2 user. Also able to perform basic
operations like CREATE /DROP table. After creating tables, it creates
test2 SCHEMA and DB USER automatically in TEST1 database.

How do I prevent this behavior? How do I prevent test2 user connecting
to TEST1 database?

Thanks

Sameer

By default connect privilege is granted to public....revoke it.

Also, do some initial reading before posting.

On Jul 31, 10:59 am, janman <mjana...@hotmail.comwrote:

On Jul 31, 6:56 am, S.M.Deshpa...@googlemail.com wrote:

Hi,

I have installed DB2 version 8.1 and created two databases, TEST1 and
TEST2. Two operating system users test1 and test2 are mapped to two
database users in TEST1 and TEST2 databases respectively.

Even though test2 user does not exists in TEST1 database, I am able to
connect to TEST1 database using test2 user. Also able to perform basic
operations like CREATE /DROP table. After creating tables, it creates
test2 SCHEMA and DB USER automatically in TEST1 database.

How do I prevent this behavior? How do I prevent test2 user connecting
to TEST1 database?

Thanks

Sameer

By default connect privilege is granted to public....revoke it.

Also, do some initial reading before posting.

___________

<<Also, do some initial reading before posting.>>

If he knew where to look, he wouldn't have posted! Defaults are hard
for the novice to find, as there is no single place where one can go
to see all defaults for all the myriad choices. Similarly environment
variables are confusing, even their existence is cryptic, let alone
their defaults, if any.

You were once in that position -- be charitable and be happy to help
your colleague.

On Aug 3, 12:21 am, 2803s...@gmail.com wrote:

On Jul 31, 10:59 am, janman <mjana...@hotmail.comwrote:

On Jul 31, 6:56 am, S.M.Deshpa...@googlemail.com wrote:

Hi,

I have installed DB2 version 8.1 and created two databases, TEST1 and
TEST2. Two operating system users test1 and test2 are mapped to two
database users in TEST1 and TEST2 databases respectively.

Even though test2 user does not exists in TEST1 database, I am able to
connect to TEST1 database using test2 user. Also able to perform basic
operations like CREATE /DROP table. After creating tables, it creates
test2 SCHEMA and DB USER automatically in TEST1 database.

How do I prevent this behavior? How do I prevent test2 user connecting
to TEST1 database?

Thanks

Sameer

By default connect privilege is granted to public....revoke it.

Also, do some initial reading before posting.

___________

<<Also, do some initial reading before posting.>>

If he knew where to look, he wouldn't have posted! Defaults are hard
for the novice to find, as there is no single place where one can go
to see all defaults for all the myriad choices. Similarly environment
variables are confusing, even their existence is cryptic, let alone
their defaults, if any.

You were once in that position -- be charitable and be happy to help
your colleague.

Thanks for the reply though it wasn't interesting enough. So just read
and ignored it.

Other than DB2, I haven't seen any RDBMS which gives CONNECT privilege
to public that to by default. I think CONNECT its a powerful privilege
and I don't see any reason to be granted as default to public.

Usual practice is to create user and grant necessary privileges in
other RDBMS. I wouldn't have figured it out, if one of our developer
wouldn't have connected to wrong DB2 database. First of all I was
surprised that he got successful connection. While using Oracle,
SQLServer, PostgreSQL, MySQL, this behavior of DB2 is certainly
surprising to me.

Is there any reason why DB2 grant CONNECT privilege by default. Are
there any other potential privileges also that one needs to revoke?