Discussion:
Applicability of fix for APAR IY86711
(too old to reply)
m***@us.ibm.com
2007-08-14 13:21:17 UTC
Permalink
I need to confirm that the fix for APAR IY86711 does not apply to my DB2 servers. Abstract: As described in Security APAR IY86711, a fenced userid is incorrectly able to access directories.

I reached the conclusion that this APAR does not apply to my servers because the only fenced user these servers have defined is the instance owner and we do not have any other UDFs other than the ones shipped with the DB2 product.

Is my conclusion correct ?

Thanks, Marcela
Knut Stolze
2007-08-14 15:25:21 UTC
Permalink
Post by m***@us.ibm.com
I need to confirm that the fix for APAR IY86711 does not apply to my DB2
servers. Abstract: As described in Security APAR IY86711, a fenced userid
is incorrectly able to access directories.
I reached the conclusion that this APAR does not apply to my servers
because the only fenced user these servers have defined is the instance
owner and we do not have any other UDFs other than the ones shipped with
the DB2 product.
Is my conclusion correct ?
If you don't have any user-defined functions (UDFs) and user-created stored
procedures (SPs) at all, then you won't need this APAR. (Built-in
procedures/functions are not affected by that.) However, if you ever plan
to allow UDFs (for example by installing extenders), you should apply this
fix.

Since this is a security fix, it may be a good idea to install it anyway...
--
Knut Stolze
DB2 z/OS Utilities Development
IBM Germany
Loading...