Fixes are available
DB2 Version 9.1 Fix Pack 4a for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 3 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 4 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 7 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 5 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 2a - interim special build 2a
DB2 Version 9.1 Fix Pack 2 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 6 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 3a for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 6a for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 7a for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 8 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 9 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 10 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 11 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 12 for Linux, UNIX and Windows
APAR status
Closed as program error.
Error description
Users Affected: External fenced routines on Unix platforms Without this APAR fix, the fenced userid may be able to access directories without proper authorization. In order to enable the fix, the DB2_LIMIT_FENCED_GROUP registry variable must be set to YES and db2updv9 must be run on all databases in the instance. Example: db2updv9 -d <dbname> -j db2set DB2_LIMIT_FENCED_GROUP=YES NOTE 1: db2updv9 -j will only fix the permissions necessary for this security feature. No other changes to the database will be made. If db2updv9 is run without the -j option, all the updates will be applied inlcuding the permissions necessary for the security feature. Please see the DB2 Information Center for V9 for more details on the db2updv9 tool. NOTE 2: Once db2updv9 has been run on all databases the registry variable may be set any time. After applying the DB2 registry variable, applications that assumed fenced user has authority to access directory may fail now. Customers need to evaluate the authority for fenced user and consider assigning appropriate groups to the fenced user if necessary.
Local fix
Problem summary
Users Affected: External fenced routines on Unix platforms Problems summary: Fenced userid incorrectly able to access directories. Without this APAR fix, the fenced userid may be able to access directories without proper authorization.
Problem conclusion
Problem was first fixed in DB2 Version 9.1 Fix Pack 2 (s070210) Please note that in v9.5 and higher it is not required to set DB2_LIMIT_FENCED_GROUP=Yes to enable thix fix as it is enabled automatically. Any values set to DB2_LIMIT_FENCED_GROUP will be ignored on Unix platforms
Temporary fix
Comments
APAR Information
APAR number
IY87492
Reported component name
DB2 UDB ESE AIX
Reported component ID
5765F4100
Reported release
910
Status
CLOSED PER
PE
NoPE
HIPER
YesHIPER
Special Attention
NoSpecatt
Submitted date
2006-07-31
Closed date
2007-02-22
Last modified date
2011-02-25
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DB2 UDB ESE AIX
Fixed component ID
5765F4100
Applicable component levels
R910 PSY
UP
Document Information
Modified date:
25 February 2011