Authorization switching

The Execution component performs an authorization switching function to ensure that Db2 structures are created with the proper owner and creator.

To secure this function, you can perform one of the following activities:

  • Restrict the EXECUTE authority on the Execution Monitor Entry plan. This restriction will prevent unauthorized users from being able to run Execution. For the highest level of security, restrict access to the Execution Monitor Entry plan.
  • Create an Execution security exit to add site-specific restrictions to authorization switching.

Execution calls the security exit at various points to allow installation security checking and option enforcement.

Typical uses of this exit include:

  • Enforcing hash checking so that users are not allowed to modify worklists
  • Switching the authorization ID of the execution run user at initialization
  • Preventing or restricting user authorization ID switching
  • Preventing user modification of SQL GRANT commands
  • Inspecting and modifying SQL commands before they are executed

The assembler source for the security exit is distributed in the DBSAMP library (member ALUEUSX1). To enable the security exit, modify ALUEUSX1, then assemble and link the member. This module is loaded during initialization.

ALUEUSX1 communicates via Registers 0, 1, and 15. When ALUEUSX1 is called, Register 0 contains a function code. Register 1 contains the address of a user exit control block that AEXUSERX DSECT (in the sample program) describes. ALUEUSX1 returns a value in Register 15 that informs Execution how to proceed.

For more information about switching authorization, see Authorization-switching-function.

This section contains the following topics:

Related topic

Customizing-after-installation


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*