Salut,
Je n'ai jamais administré une base DB2, mais pour le principe, il te faut créer un utilisateur, et ne pas lui donner les droits de modification et de suppression.
Exemple :
The following example grants SELECT privileges on the EMPLOYEE table to the user HERON:
GRANT SELECT ON EMPLOYEE TO USER HERON
The following example grants SELECT privileges on the EMPLOYEE table to the group HERON:
GRANT SELECT ON EMPLOYEE TO GROUP HERON
GRANT SELECT,UPDATE ON TABLE STAFF TO GROUP PERSONNL
If a privilege has been granted to both a user and a group with the same name, you must specify the GROUP or USER keyword when revoking the privilege. The following example revokes the SELECT privilege on the EMPLOYEE table from the user HERON:
REVOKE SELECT ON EMPLOYEE FROM USER HERON
To Check what permissions you have within the database
SELECT * FROM SYSCAT.DBAUTH WHERE GRANTEE USER AND GRANTEETYPE 'U'
SELECT * FROM SYSCAT.COLAUTH WHERE GRANTOR = USER
At a minimum, you should consider restricting access to the SYSCAT.DBAUTH, SYSCAT.TABAUTH, SYSCAT.PACKAGEAUTH, SYSCAT.INDEXAUTH, SYSCAT.COLAUTH, and SYSCAT.SCHEMAAUTH catalog views. This would prevent information on user privileges, which could be used to target an authorization name for break-in, becoming available to everyone with access to the database. The following statement makes the view available to every authorization name:
GRANT SELECT ON TABLE MYSELECTS TO PUBLIC
And finally, remember to revoke SELECT privilege on the base table:
REVOKE SELECT ON TABLE SYSCAT.TABAUTH FROM PUBLIC
______________________________________
AVANT de poster votre message, veuillez lire, comprendre, et appliquer notre réglement