DB2 access rights

[pmcmicha]

Currently we have a login that should only have connect and select permissions, but it seems that it can also update, delete, and insert.

Now I am being told by my DBA that DB2 gets authority permissions from the Unix Operating System which we run are programs from. The unix login has the same name as the database login with full access.

Example:
dbfullaccess (unix and db2 login)
dbreadonly (db2 login)

So I am being told that even if I login with dbreadonly, but I am logged in to the unix server with (dbfullaccess) that DB2 picks this information up and now gives my dbreadonly login full access to do whatever it wants. Is this true? Somehow I do not think that it is.

Thanks in advance.

 

[sathyarams]

The access privileges depends on which id you connect to db2 ..

You can logon as dbfullaccess and say
connect to database1 user dbreadonly

Then for that connection, you will not have the full access ..

If you logon as dbfullaccess and just say
connect to database1

db2 implicitly connects you as dbfullaccess(your Unix login)

HTH

Sathyaram

For db2 resoruces visit

http://www.db2click.com

More DB2 questions answered at

http://www.dbforums.com/f8