” You can also share that these privileges apply to [...]]]> In my last post, I mentioned that Craig Mullins and I had written a new article  (http://www.idug.org/p/bl/et/blogid=31&blogaid=32) regarding  ”A Common Language for DB2 Security”.   That article inspired a well-respected Senior DBA who understands DB2 on POWR i Systems security to write me this email:

” You can also share that these privileges apply to DB2 UDB running on POWER i under i/OS.  SECADM has been a special authority that could be granted to those who need the ability to audit and report system activity. ”

Isn’t that awesome!   The whole “common language” and “sharing” concept is already starting to work!

Thanks Mike Shaw for this excellent information!   Your contribution just proves that as an IDUG community, we not only HAVE the knowledge, we will go out of our way to SHARE it.

As a security junkie DB2 LUW DBA type, I often felt that the z/OS DB2 DBAs and I spoke a different language.  Sure, we were always able to discuss database security in [...]]]> Have you ever tried to communicate with someone who didn’t speak your language?   Did you find that the message inevitably got garbled?

As a security junkie DB2 LUW DBA type, I often felt that the z/OS DB2 DBAs and I spoke a different language.  Sure, we were always able to discuss database security in general terms, but when it came to the specifics, there was a communication issue.

The good news for ALL DB2 DBAs is that with DB2 10 z/OS  and DB2 LUW 9.7, security terminology is “more alike and less different”.   If you’d like to learn more about our new common language, read the article that Craig Mullins and I wrote for IDUG.  http://www.idug.org/p/bl/et/blogid=31&blogaid=32

I never actually thought about writing about Dragons [...]]]> In my spare time, I write children’s stories. Obviously Dragons enter those storylines from time to time. I always tell my readers that Dragons should be approached cautiously, even the purple ones, cause you can’t tell which ones are the Fire-Breathing kind until you are being toasted.

I never actually thought about writing about Dragons and DB2, but today, the two combined into a cautionary tail (tale).

Most folks know that I am a security junkie. If it can be locked down, I want to be the one turn the key; but I also like to avoid Dragons.

One Dragon that I really take seriously is the kind that encourages us to change file system permissions for DB2′s installed “engine” files.

For example: /opt/IBM/db2/ is the typical path for installation of the files that DB2 uses to make itself do all the fun stuff we want….like creating instances. So, if my System Admin who holds Root begins changing those file system permissions in an attempt to “lock down” security, she might just rouse the Dragon. And, you just never know whether it is going to be a friendly Dragon or the Fire-Breathing kind.

Security is good, but please remain aware of the Dragons….unless you happen to have a storybook princess or white knight who can tame the fearsome beast before you are toast!

If you are going to IDUG NA 2011 (http://www.idug.org/north-america-2011/index.html), please note that the previously scheduled session “DB2 LUW Security — What to do if your Firewall Catches Fire” has been moved to a earlier time slot.  Now the session starts at 12:45.

While there won’t be any matches involved (darned fire code!), this [...]]]>  

If you are going to IDUG NA 2011 (http://www.idug.org/north-america-2011/index.html), please note that the previously scheduled session “DB2 LUW Security — What to do if your Firewall Catches Fire” has been moved to a earlier time slot.  Now the session starts at 12:45.

While there won’t be any matches involved (darned fire code!), this is guaranteed to be a “hot” topic.   Please join me on Tuesday, May 3, 2011 from 12:45 – 1:45 to learn some creative ways to put out your security fires!