Is there any way changing the priviledge after starting the managed server with the other user

Hi,
is there any way to change the user privilege after i have started the managed
server with one user.....say for example ....i have started one of my Managed
server as "root" ...but after that i wanted to make this instance work under as
"inet"
how do i do this OR is it possible ????
please advise ....
sangita

Thanks again Rob.
Rob Woollen <[email protected]> wrote:
>
>
sangita wrote:
Thanks Rob for been so quick in responding.
I have 3 questions for you:
Running a server under root is a huge security hole.My Question: 1) what are the probable security issues while runninga server under
root ?
are these security issues external(from outside world) or internal(internally
within a company) ?
Iam basically curious to know external threats.
The problem is the root user can do anything. So if someone finds a
security hole in your server, then they have complete control of your
system.
The usual reason people want to do this is so they can bind to a port
<
1024. ie they want their web server to listen to 80.My Question: 2) What is the harm in using port 80 for webserver andwhy do the
people wanted to bind to a port < 1024 ?
People normally use 80 for web servers because that's the well-known
port.
Personally I would not recommend that you go that route. I would
recommend that you start the server as a very unprivileged user andbind
it to some port (say 7001).
Most firewalls support redirecting ports. Your firewall can redirect
80
on the external net to 7001 on the internal net. That's the solution
I
would recommend.My Question: 3) Suppose iam having a cluster of 2 Managed servers runningon port
7070. And Iam having a Iplanet server working as a Webserver that basicallyproxies
requests to this cluster. Then what is the best approach that i shouldfollow
in this context.....to be honest with you ....i still couldnot understandwhat
does "binding" the webserver port to a managed server in weblogic mean.
I would have your firewall redirect 80 to whatever port Iplanet is
listening on and then have iplanet proxy to WLS.
Do not run your WLS servers as root.
-- Rob
Iam sorry for asking these "silly" questions(in your opinion) ...butiam a bit
confused.
thanks, sangita
Rob Woollen <[email protected]> wrote:
Running a server under root is a huge security hole.
The usual reason people want to do this is so they can bind to a port
<
1024. ie they want their web server to listen to 80.
There is a set uid option in WLS where you start the server as root
and
then after it binds to the low port, it will switch to another userthat
you specify.
Personally I would not recommend that you go that route. I would
recommend that you start the server as a very unprivileged user andbind
it to some port (say 7001).
Most firewalls support redirecting ports. Your firewall can redirect
80
on the external net to 7001 on the internal net. That's the solution
I
would recommend.
-- Rob
sangita wrote:
<Sure, it's possible to do this, >
how to do this?
<but why do you want to do it? >
Iam not sure why this group (the other group than me) does start theirserver
as "root"...but somebody from that group asked me about this today.
I would not recommend that you start WLS as root on your production
system ever under any cirucmstance.then what is the best approach and what are the pros and cons if westart the
server as "root" OR as different user ????
please advise ....
thanks again.
Rob Woollen <[email protected]> wrote:
Sure, it's possible to do this, but why do you want to do it?
I would not recommend that you start WLS as root on your production
system ever under any cirucmstance.
-- Rob
sangita wrote:
Hi,
is there any way to change the user privilege after i have startedthe managed
server with one user.....say for example ....i have started one
of
my Managed
server as "root" ...but after that i wanted to make this instance
work
under as
"inet"
how do i do this OR is it possible ????
please advise ....
sangita

Similar Messages

  • Is there any way to sync my lotus notes calendar and contacts with the calendar and contacts on my MacBook Pro?

    Is there any way to sync my lotus notes calendar and contacts with the calendar and contacts on my MacBook Pro?

    You would need to have enabled iCloud on your MBP. Your question indicated you did not.
    Its serial number is useful for establishing ownership should the MBP be recovered. File a police report.

  • Impossible to start UCM managed server with the WLS console

    Hi,
    I cannot start the UCM managed server with the WLS console. The node manager is running by startNodeManager.cmd. The admin server by startWebLogic.cmd.
    When I start the UCM server with the console WLS (Environment, Servers, Control tab and Start on the checked server), it seems to be running (the state is RUNNING) but when I open the url on the the web server UCM there is a 404 error
    In the log, there are many java.lang.ClassNotFoundException: oracle.jrf.wls.JRFStartup, oracle.security.jps.wls.JpsWlsStartupClass, oracle.core.ojdl.weblogic.ODLConfiguration, oracle.jrf.AppContextStartup, oracle.as.jmx.framework.wls.spi.StartupListener, oracle.ias.cache.Startup, oracle.dms.wls.DMSStartup ...
    If I start UCM directly by startManagedWebLogic.cmd and not with the WLS console, everything is OK. No error in the log and UCM server is working well
    Any idea ?
    Thanks
    Hugues

    Great!
    I had the same error: when starting UCM on WL Console, it starts and says Running. But when accessing it on the browser receive the error 404. In the other hand, when starting with Commands, it force shutdowns.
    I have set the StartScriptEnabled property to true, now I can start UCM only on the command Line, to start it on WL Console, I have to manually start the node manager.
    Is there a way/script to start the node manager automatically?
    Regards,

  • In the Kindle app, is there any way to delete books after I have read them?

    In the Kindle app, is there any way to delete books after i have read them?

    Nevermind that first part as I forgot that nothing shows up for the Nano at all in Device Manager,
    The 2nd half of my reply still applies:
    Otherwise, try uninstalling all USB root controlllers from your system, rebooting your PC, and reconnecting your Nano. This root controller drivers will automatically be re-installed upon reboot.
    B-rock

  • HT5244 Is there any way to find out after(!) running die Update, if i have been infected?

    Is there any way to find out after(!) running die Update, if i have been infected?

    Run any one of these tools: http://reviews.cnet.com/8301-13727_7-57413811-263/flashback-malware-removal-tool -roundup/
    Or you can check manually: http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-flashback-ma lware-from-os-x/

  • I use firefox - Is there any way to make it so my internet browser only remembers the MAIN site? -- EG: Only Youtube.co.uk instead of Youtube.co.uk/VIDEO ect

    I use firefox - Is there any way to make it so my internet browser only remembers the MAIN site? -- EG: Only Youtube.co.uk instead of Youtube.co.uk/VIDEO ect.ect. WHISPER PLEASE

    Is this to reduce the clutter of suggestions on the address bar, or for some other reason?
    You can change the address bar drop-down so it only suggest bookmarked sites instead of everything in your history. This article describes how to make that change: [[Awesome Bar - Find your bookmarks, history and tabs when you type in the address bar]] (see the section "How can I control what results the location bar shows me?").
    Am I on the right track?
    (I'm avoiding the really hard question of how to selectively cull your history. I can't think of a way to do that.)

  • Is there any way I can view / remove pictures from Camera Roll on the iPhone, on a Mac, without actually importing the files?

    Is there any way I can view / remove pictures from Camera Roll on the iPhone, on a Mac, without actually importing the files? I just want to view / delete files without importing them.
    For instance I have 1200 photos on my iPhone Camera Roll. Some of these are shots, that I've taken multiple times, some good, some bad. I just want to clean up my Camera Roll, but going through the pictures on the iPhone's small screen is tedious. I'd much rather look at the camera roll's photo's on my Mac, and then decide which files I'd like to keep, and which to delete.
    I don't want to import the files, as when I import the files, and delete them from Camera Roll, now the Photo's are not on my phone, and the only way to get them back on my Phone is to Import them back in using iTunes, and then they go into the Picture Library and not the Camera Roll.
    In the same way as I can view Pics from my digital camera's SD card on a Mac without having to actually copy them to my computer, is there any app out there that will let me view my iPhone pics without importing them.

    gsharp01 wrote:
    Is there any way I can view / remove pictures from Camera Roll on the iPhone, on a Mac, without actually importing the files? I just want to view / delete files without importing them.
    The short answer is yes.
    Connect your iPhone to your computer.
    Open Image Capture application.
    Click on the 4 little squares at bottom to view them as photos, not a list.
    Select the photos them click the No Entry icon at bottom to delete.

  • Is there any way to an index that can be used to include the "OR condition "?

    Hello I have some questions.
    The test was conducted in the following procedure .
    create table test
    c1 varchar2(10),
    c2 varchar2(10),
    primary key(c1)
    create index test_idx1 on test(c2);
    Command> explain select * from test where c1 = 'AAAAAAAAAA' or c2 = 'AAAAAAAAAA';
    Query Optimizer Plan:
      STEP:                1
      LEVEL:               1
      OPERATION:           RowLkRangeScan
      TBLNAME:             TEST
      IXNAME:              TEST
      INDEXED CONDITION:   <NULL>
      NOT INDEXED:         TEST.C2 = 'AAAAAAAAAA' OR TEST.C1 = 'AAAAAAAAAA'
    Command>
    Command> explain select * from test where c1 = 'AAAAAAAAAA' and c2 = 'AAAAAAAAAA'
    Query Optimizer Plan:
      STEP:                1
      LEVEL:               1
      OPERATION:           RowLkRangeScan
      TBLNAME:             TEST
      IXNAME:              TEST
      INDEXED CONDITION:   TEST.C1 = 'AAAAAAAAAA'
      NOT INDEXED:         TEST.C2 = 'AAAAAAAAAA'
    Command>
    By including the "OR condition " in this test does not use the index.
    Is there any way to an index that can be used to include the "OR condition "?
    Thanks.
    GooGyum.

    A database cannot in general use indexes in this way for an 'or' involving two different columns. However, for this specific example one can easily rewrite the query using 'UNION' to use the relevant indexes while still giving the same (correct) result:
    Command> explain select * from test t1 where t1.c1 = 'AAAAAAAAAA' union select * from test t2 where t2.c2 = 'AAAAAAAAAA';
    Query Optimizer Plan:
      STEP:                1
      LEVEL:               1
      OPERATION:           RowLkRangeScan
      TBLNAME:             TEST
      IXNAME:              TEST
      INDEXED CONDITION:   T1.C1 = 'AAAAAAAAAA'
      NOT INDEXED:         <NULL>
      STEP:                2
      LEVEL:               2
      OPERATION:           RowLkRangeScan
      TBLNAME:             TEST
      IXNAME:              TEST_IDX2
      INDEXED CONDITION:   T2.C2 = 'AAAAAAAAAA'
      NOT INDEXED:         <NULL>
      STEP:                3
      LEVEL:               1
      OPERATION:           OrderBy
      TBLNAME:             <NULL>
      IXNAME:              <NULL>
      INDEXED CONDITION:   <NULL>
      NOT INDEXED:         <NULL>
      STEP:                4
      LEVEL:               2
      OPERATION:           UnionMergeSort
      TBLNAME:             <NULL>
      IXNAME:              <NULL>
      INDEXED CONDITION:   <NULL>
      NOT INDEXED:         <NULL>
    Maybe you can apply a similar trick? If you know there is no possibility of duplicate rows then you can further optimise this (in terms of performance) by using UNION ALL.
    Chris

  • HT3576 I accidently cleared the push notifications on my i pad and now i want to see them back.is there any way to see them,because i have to see all the application what the notifications was for.it takes a lot of time.i am isking this to save my time in

    I accidently cleared the push notifications on my i pad and now i want to see them back.is there any way to see them,because i have to see all the application what the notifications was for.it takes a lot of time.i am isking this to save my time in future

    I found one other way to do it.  I just deleted them all out of my iTunes library. Now I can re-import them from Window's My Music file with the original artists' names intact.
    Thanks for your help, Matt!

  • HT4407 Is there any way to download these files manually from another source? The download from boot camp keeps stopping at around 25% and then produces the error "Can't download Windows Support Software because of a network problem". Thx!

    Is there any way to download these files manually from another source? The download from boot camp keeps stopping at around 25% and then produces the error "Can't download Windows Support Software because of a network problem". Thx!

    No. This issue is dicussed here frequently. The only option is to be patient and try often. Search this forum for other posts about this issue.

  • Is there any way for my phone NOT to be on silent on the lock screen?

    Is there any way for my phone NOT to be on silent on the lock screen?

    Make sure the Mute switch isn't enabled.   If you see orange, it's in silent mode.

  • Is there a way of shifting purchases from one account to another with the same billing information, so that I don't lose purchases made by my iPhone when I sync?

    The AOL address I was using for my iTunes account has been deleted due to me not signing in for awhile and I'm afraid that I will lose all of my purchases made from my iphone when I sync it into iTunes for a much needed update and so that I can (hopefully) transfer its data to my new iPhone 4...
    The only time I have synced my current iPhone was when I activated it but since then I have not been able to sync with my computer and now have a new one.
    Sorry about the garbled way this is written but I desperately need help:
    1, Is there a way of shifting purchases from one account to another with the same billing information?
    Or
    2, is there a way of recovering my old account and changing the details?
    Any other help is greatly appreciated
    Thom

    You don't need to access your e-mail account, just get into your Apple account and change the e-mail address. If you can't access your Apple account, then you have a bigger issue to contend with.

  • I have a DVD project that takes about 14 hours to generate. Is there any way to periodically save it during encoding so power failures or other problems do not require a complete restart?

    I have a DVD project that takes about 14 hours to generate. Is there any way to periodically save it during encoding so power failures or other problems do not require a complete restart?

    No.  Are you saving the project as a disk image rather than burning directly to disk from iDVD?  If not then that's what I suggest you do.  That will separate the encoding process from the burn process to save time and disks if the encoding is bad.  It also lets you burn a second or third disk without having to encode again.
    OT

  • Hello  i got  problem. iphone doesnt restore  even using itunes.its stuck in recovery mode and i cannt do anything with it.error 1015  is there any way to reinstall software even if itunes cannot deal with it ?

    hello  i got  problem. iphone doesnt restore  even using itunes.its stuck in recovery mode and i cannt do anything with it.error 1015  is there any way to reinstall software even if itunes cannot deal with it ?

    Usually this error occurs when trying to downgrade the iOS or in a previously jailbroken phone.  In this case, you cannot get help here.  The internet and Google are your best friends.

  • Is there any way to use a For Each Loop for each property of an User Defined Type?

    Is there any way to use a For Each Loop for each property of an User Defined Type? That would be very handy!
    Jorge Barbi Martins ([email protected])

    Alas, no, not in VBA.
    Regards, Hans Vogelaar (http://www.eileenslounge.com)

  • Is there a way not to have to chose an available server in the console when deploying an ejb?

    Is there a way not to have to chose an available server in the console when deploying
    an ejb? Everytime we deploy our beans we have to logon to the console select the
    ejb and then chose a server under the tab targets? Can this be automated?

    You could try to select the target in the config.xml file, but this is
    not recommended by BEA.
    Nils
    Fred Bloggs wrote:
    >
    Is there a way not to have to chose an available server in the console when deploying
    an ejb? Everytime we deploy our beans we have to logon to the console select the
    ejb and then chose a server under the tab targets? Can this be automated?--
    ============================
    [email protected]

Maybe you are looking for

  • Query SQ01/ SQ02.

    Hi all, Can anyone provide me material / related links to SQL query. Thanks in advance. Needful will be rewarded points.

  • Alv data upload and delete in database table

    hi .    i have done data save in date base but not update and delete..writen this code.. form save_data.   CALL METHOD cont_editalvgd->check_changed_data.   IF lt_display EQ it_city.     MESSAGE s002(00) WITH 'No data changed'.   ELSE.     CLEAR: gd_

  • One website is not opening in Safari or chrome

    I have a strange problem. One website called www.abudhabievents.ae is not opening in Safari nor chrome and whenever I am trying its showing the following error : - usr/local/cache/files/block.html;403 I tried this website on my windows pc and could o

  • PL/SQL : read in text file

    Hi i understand that utl_file works only on server side if we want to readin text file. May i know if i do not have access to the server side, is there anyway for me to readin a text file using PL/SQL ? For some advice please Thank you Boon Yiang

  • ISO code Configuration for new UOM creation

    Hi gurus, have a Technical query. I am configuring UOM's in SAP. For this I need to give ISO Code value as well. To configure ISO code values -> the SPRO direct links are not working...I tried with few more other links.. but nothing is working out. C