Privileges for VA assessments, privilege summaries, and penetration tests
The FortiDB database user for a target database requires the following privileges to run assessments and related tasks:
Task | Required privileges |
DB2 | |
Run VA Assessment (except penetration test) |
CREATE TABLE SELECT on the following SYSIBM tables:
|
View a Privilege Summary |
SELECT on the following SYSCAT tables:
SELECT on the following SYSIBM tables:
|
Run Penetration Test |
SELECT on the following SYSCAT tables:
SELECT on the following SYSIBM tables:
|
Microsoft SQL Server 2000 | |
Run VA assessment (except penetration test) |
SELECT on:
EXECUTE on:
The database user requires the MS-SQL
|
View a Privilege Summary |
For each individual MS-SQL 2000 database you want to connect to, SELECT on:
|
Run Penetration Test |
SELECT on:
|
Microsoft SQL Server 2005 or 2008 | |
Run VA Assessment (except penetration test) |
SELECT on:
EXECUTE on:
The database user requires the MS-SQL
|
View Privileges Summary |
SELECT on:
For each individual Microsoft SQL 2005 Server database that you want to connect to, SELECT on:
|
Run Penetration Test |
SELECT on:
|
Oracle | |
Run VA Assessment (except penetration test) |
CREATE SESSION SELECT_CATALOG_ROLE SELECT on:
|
View Privilege Summary |
SELECT on:
|
Run Penetration Test |
SELECT on:
|
Sybase and Sybase IQ | |
Run VA Assessment (except for penetration test) |
SSO_ROLE If the Sybase server is using SybSecurity:
If the Sybase server is not using SybSecurity, grant the database user SELECT permission on the following tables:
|
View a Privilege Summary |
For each individual database you want to connect to, grant SELECT on:
|
Run Penetration Test |
Grant SELECT on:
|
MySQL | |
Run a VA Assessment (including penetration test) |
SELECT on:
|
View a Privilege Summary |
SELECT on:
SHOW DATABASES |
See also