Vulnerability assessment : Viewing and exporting a privilege summary
Viewing and exporting a privilege summary
To view the privilege summary, log in to FortiDB with an administrator account that has the Operations Manager or Report Manager role.
A privilege summary shows who has access to what in your target databases. As such, it can:
Help you establish a baseline for your security system
Show you if any users have more privileges than they need in order to do their jobs
Show you if any roles (or, for DB2, groups) include more privileges than necessary
Provide a common place to review privilege assignments for all FortiDB-supported target DB types
Eliminate the need to execute the SQL statements to get privilege-assignment information
1. Click Vulnerability Assessment > Privilege Summary.
2. For Target Group, select the target group that contains the target database for which you want to see a privilege summary.
3. For Target, select the target database for which you want to see a privilege summary.
You can access Microsoft SQL Server and Sybase targets individually via database-level connections or, as a group, via server-level connections.
4. For Database Name, select the name of the database for which you want to see a privilege summary.
5. Select the Users tab in order to see a list of users, or the Roles tab in order to see a list of roles, for the specified database.
Because MySQL does not support roles or groups of privileges, no Role tab is displayed for MySQL target databases.
In MySQL, a user is identified by a combination of a user name and host name, such as `root@localhost’ or ‘navicat@’. Therefore, two users with the same name but at different hosts can have different privileges.
a. After you have selected a user or role, you can then use the Privilege Type or Classification dropdown lists in order to filter the displayed information.
The subsequently available privilege information depends on:
FortiDB-user access having already been given to certain target-database system tables, catalogs, and/or views. (See the Target Privilege Matrix for a list of the appropriate tables.)
The particular combination of Privilege Type and Classification choices you make. (For more information on these choices, see “DB-Type Distinctions”.)
b. Optionally, you may export most of the privilege summary information that is displayed in one of the following file formats:
PDF (Portrait (the default) or Landscape orientation)
Tab-delimited text (.txt)
Comma-separated-values (.csv)
See also
DB-Type Distinctions
Privileges for VA assessments, privilege summaries, and penetration tests