RC/Secure : Batch revoke analysis does not generate statements for userid where the authorization is ALL.
search cancel

RC/Secure : Batch revoke analysis does not generate statements for userid where the authorization is ALL.

book

Article ID: 264001

calendar_today

Updated On:

Products

RC/Secure for DB2 for z/OS

Issue/Introduction

Batch revoke analysis(HLQ.CDBAJCL(RCS#RVKE)) does not generate revoke statements for a userid where the granted authorization is ALL.  The revoke statements for other authorizations are generated properly.

Environment

Release : 20.0

Resolution

The SYSIBM.SYSTABAUTH row in the SPUFI output looks like it is the inherited authorization as the CREATOR of the table. The GRANTOR and GRANTEE are the same, so this appears to be inherited authorization as owner of the table when the table was created. This is not something that can be revoked.  

The RC/Query User All Authorization Inq is showing the inherited authorization as the table creator.

The report from the batch report(hlq.CDBAJCL(RCS#RVKE)) will just indicate "NO REVOKES TO PERFORM"

Additional Information

Revoking in Batch Mode

Powered by Wolken Software