- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Mutiple DB's on one Cluster - Security proble...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2003 07:07 PM
тАО11-27-2003 07:07 PM
Mutiple DB's on one Cluster - Security problem
We have multiple DB's on one Cluster serving the whole of South Africa. Users from all over connects to their own DB's , but it leaves it open to access the other db's as well. Instead of setting up hundreds of menu's only allowing certain access , is there any way to block a specific userid from accessing anything besides their DB ?
THank you
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2003 07:16 PM
тАО11-27-2003 07:16 PM
Re: Mutiple DB's on one Cluster - Security problem
No user should be a member of the oracle dba group and then use different users in different dbs. Can you specify, how users can access other dbs?
greetings,
Michael
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2003 07:21 PM
тАО11-27-2003 07:21 PM
Re: Mutiple DB's on one Cluster - Security problem
You have multiple DB's on one Cluster.
Do you have the same Users in each database with the same passwords ?
Does the User connect via:
- sqlnet
- telnet, rlogin, ssh, ...
- applicationserver
- ...
Should the user be blocked
on the server --> firewall
on the database --> maybe logontrigger
in the application --> new application code
Please give us more information
Chris
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2003 07:42 PM
тАО11-27-2003 07:42 PM
Re: Mutiple DB's on one Cluster - Security problem
Ok , let me clarify it a bit more. We're running MFG/PRO for different plants in South Africa on the one cluster. All the plants are split by plant codes and also have the /home directory split between different plants.
All the DB's also have their own mounts under the main DB directory , but all users are on added to access everything.
Basically what I want to do is create a menu script with all plants' db's , but when one user tries to connect to any db , except their own , they shouldn't be able to.
Can this be setup with group memberships on UNIX or what other others are there ?
Thanx
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2003 07:55 PM
тАО11-27-2003 07:55 PM
Re: Mutiple DB's on one Cluster - Security problem
sorry for asking again, I don't know MFG/PRO.
How does the user connect to the server, is is a unix-like login or a login via an applikationserver.
What is the criterium to decide which user should connect to which database (name, userid, ip-adress, ...)
Chris
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2003 08:04 PM
тАО11-27-2003 08:04 PM
Re: Mutiple DB's on one Cluster - Security problem
$MFGE/mfgpro90 $MFGLIVE/a325/mfg9-0a $MFGLIVE/a325/gui9-0a $MF
GE/hlp9-0a $MFGE/cfg9-0a $MFGLIVE/a325/epm9-0a $MFGE/kbn9-0a;;
Where the variables are :
MFGE=/mnt/mfg/product/mfg9-0a
MFGLIVE=/mnt/mfg/live
MFGTEST=/mnt/mfg/test
As you can see , the /a325 shows one of the different plant codes.
Any user can connect to MFG , that's why I want to block access some other way.
Thanx
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-28-2003 05:33 AM
тАО11-28-2003 05:33 AM
Re: Mutiple DB's on one Cluster - Security problem
As Chris wrote, this problem can be solved at many different levels. Specifically, you could easily have unix user (groups) that set up context for just one of the many db's
if your are using 'OPC' authorization in the db. And you could create usernames in Oracle.
However, before you go invent a new wheel, please be sure to triplecheck MFG/PRO provide security recommendations. If it is a half-serious application vendor it will certainly have suggestions, maybe even hard rules. Heck, I would also expect some sort of menu drives, db selector. surely you are not alone in you usage.
btw... if you were to present me as a user a menu with several options, but only one option/db allowed then that would annoy me.
If there is but one place to go... then take me there and do not show me alternatives (or at least grey them out).
I realize this does not answer you immediat question, but i hope it helps a little anyway.
Cheers,
Hein.