Hello, I have a question related to 'expired or deleted RACF accounts that are still active in DB2'. In our shop, with z/OS as the operating system and RACF as a security tool. While DB2 native security is used to manage access for each of the DB2 objects such as database, table, view, or storage group, RACF is used to manage user accounts and such things as authentication. Quesition: There is an audit report nothing that there are serveral orphaned user accounts (expired or deleted) with permissions and privileges to different DB2 objects within DB2. Does it constitute a Medium or High risk? If so, what are the vulnerabilities associated with it? If not, does it ONLY represent a cleanup issue where by user account with expired status in RACF or deleted from RACF should also be removed from DB2?
OS; z/OS, Security: RACF, DB; DB2
February 22, 2012 10:10 PM
March 14, 2012 3:39 PM