Privileges & Security
I'm reviewing security on SQL Servers. Trying to get an idea what the gurus are doing for web applications.
Currently:
We use a domain account for web applications access to SQL Server, let's call the username InternetUsr.
For security, we GRANT InternetUsr execute permissions on SPs.
We also explicitly DENY SELECT on the following (in SQL2000)
DENY SELECT ON sysobjects TO
DENY SELECT ON sysindexes TO
DENY SELECT ON syscolumns TO
DENY SELECT ON systypes TO
DENY SELECT ON syscomments TO
DENY SELECT ON sysfiles1 TO
DENY SELECT ON syspermissions TO
DENY SELECT ON sysusers TO
DENY SELECT ON sysproperties TO
DENY SELECT ON sysdepends TO
DENY SELECT ON sysreferences TO
DENY SELECT ON sysfulltextcatalogs TO
DENY SELECT ON sysindexkeys TO
DENY SELECT ON sysforeignkeys TO
DENY SELECT ON sysmembers TO
DENY SELECT ON sysprotects TO
DENY SELECT ON sysfulltextnotify TO
DENY SELECT ON sysfiles TO
DENY SELECT ON sysfilegroups TO
And on SQL2008 I'm planning to explicitly DENY SELECT on
DENY SELECT ON sys.objects TO
DENY SELECT ON sys.indexes TO
DENY SELECT ON sys.columns TO
DENY SELECT ON sys.types TO
DENY SELECT ON sys.sql_modules TO
DENY SELECT ON sys.database_files TO
DENY SELECT ON sys.database_permissions TO
DENY SELECT ON sys.database_principals TO
DENY SELECT ON sys.sql_expression_dependencies TO
DENY SELECT ON sys.foreign_keys TO
DENY SELECT ON sys.fulltext_catalogs TO
DENY SELECT ON sys.index_columns TO
DENY SELECT ON sys.foreign_key_columns TO
DENY SELECT ON sys.database_role_members TO
DENY SELECT ON sys.database_permissions TO
DENY SELECT ON sys.filegroups TO
The reasons are pretty obvious I think. If someone hacks the web server, and got hold of the clear text password on the web.config file, they are not able to do much with that user except execute the SPs.
Question 1: Is that all the sys views or is there more that I should be denying?
Question 2: Is that a good practice from the security standpoint for a web applications service account?
>Question 2: Is that a good practice from the security standpoint for a web applications service account?
No. Generally unnecessary in SQL Server 2005 and later. From BOL:
"In earlier versions of SQL Server, metadata for all objects in a database is visible to members of the
public role. This means that any user that is logged on to an instance of SQL Server can view metadata for every object in the server, even those objects on which a user has no rights.
In SQL Server 2005 and later, the visibility of metadata is limited to securables that a user either owns or on which the user has been granted some permission. For example, the following query returns a row if the user has been granted a permission such
as SELECT or INSERT on the table myTable."
Metadata Visibility Configuration
David
David http://blogs.msdn.com/b/dbrowne/
Similar Messages
-
New Apps User defaults with all User Edition Privileges - Security Breach?
Please check the following Scenario/Issue and please let me know if anyone has a solution for it.
1. In Apps, created following Responsibilities
- Payables Inquiry-Only User
- Projects Inquiry-Only User
2. In Discoverer Admin, Tools->Privileges, assigned following privilege to "Payables Inquiry-Only User"
- User Edition Parent only (unchecked all child privileges such as Create/Edit Query)
3. In Discoverer Admin, Tools->Security, mapped following Responsibilities/Business Areas (BA)
- Resp: Payables Inquiry-Only User BA: AP Payables
- Resp: Projects Inquiry-Only User BA: PA Projects
4. In Apps, created user DISC_INQUIRY_USER, assigned following responsibilities
- Payables Inquiry-Only User
- Projects Inquiry-Only User
5. At this stage, if user connects to User Edition;
- user is able to create new query in BA: AP Payables or BA: PA Projects depending on login Responsibility
- By default Discoverer assigns all User Edition Privileges to new Apps User including Create/Edit Query
Requirement
1. Create new Apps User DISC_INQUIRY_USER, assign it Inquiry-Only Responsbilities
2. Login to User Edition - DISC_INQUIRY_USER: Payables Inquiry-Only User
- User can inquiry Workbooks associated with Resp: Payables Inqiry-Only user
- Should not be able to create new workbooks
3. Login to User Edition - DISC_INQUIRY_USER: Projects Inquiry-Only User
- User can inquiry Workbooks associated with Resp: Projects Inquiry-Only User
- Should not be able to create new workbooks
Issue
There is time-gap between creating Apps User and login to Discoverer Admin to remove user privileges. This is security Breach, is their any way to change get around it.
- Discoverer gives precedence to Responsibility Privileges over User Privileges. Is their any way to change it?
- Is it possible to change default Privileges for new Apps User?
- I am facing this issue in Discoverer 4.1.48, Does discoverer Admin behaves differently in latest Versions?Nobody helps you except yourself. ;)
So, this query get privileges for user PUBLIC
select eap.ap_id, eap.gp_app_id
from eul5_eul_users eeu,
eul5_access_privs eap
where eeu.eu_username = 'PUBLIC'
and eap.ap_eu_id = eeu.eu_id
and eap.ap_type = 'GP'
In my case
3001 1000
3002 1001
3003 1002
3004 1003
3005 1004
3006 1005
3015 1013
3016 1014
3017 1018
3018 1024
I research а corresponding between gp_app_id (second column) and real name of privilege and get the next list:
1000 Discoverer and Plus Privilege
1001 Create/Edit Query
1002 Item Drill
1003 Drill Out
1004 Grant Workbook
1005 Collect Query Statistics
1006 Administration Privilege
1007 Set Privilege
1008 Create/Edit Business Area
1009 Format Business Area
1010 Create/Edit Summaries
1012 Schedule Workbook
1013 Unknown
1014 Save Workbooks to Database
1015 Manage Scheduled Workbooks
1018 Unknown
1024 Create Link
So, the ID of privilege 'Save Workbooks to Database' is 1014. This privilege exists in table in spite of in Discoverer Administrator this option UNCHECK for user PUBLIC.
This is a REAL BUG!!!
Then I executed query
delete from eul5_access_privs where ap_id = 3016
and after that all became right.
Now please explain me this bug. And I have question - which privileges have IDs 1013 and 1018?
Thank you. -
Column Privilege Security Bug in Oracle 9i
There seems to be a bug in matching column privileges between VIEW and TABLE objects. In the SQL script below, this bug lets users INSERT values into columns that they do not have INSERT privileges on. (I guess that the bug would also let people UPDATE columns they do not own).
This is the first time I've come into this forum, so please accept my appologies if this is the wrong place to report bugs, or this bug is already widely known.
Adam
In the following scripts, SYSTEM grants INSERT on column A, but column B gets inserted.
SQL> connect system/manager @DB2
SQL> create table t1(a int,b int,c int);
SQL> create user adam identified by adam;
SQL> grant create view to adam;
SQL> grant select on t1 to adam;
SQL> grant insert(a) on t1 to adam;
SQL> connect adam/adam @DB2
SQL> create view v1 as select b y,c z,a x from system.t1;
SQL> insert into v1(y) values(1);
SQL> commit;
SQL> connect system/manager @DB2
SQL> select * from t1;
A B C
1I've given here the required details:
SQL*Plus: Release 8.0.5.0.0 - Production on Tue Jul 15 22:47:45 2003
(c) Copyright 1998 Oracle Corporation. All rights reserved.
Connected to:
Oracle9i Enterprise Edition Release 9.2.0.1.0 - Production
With the Partitioning, OLAP and Oracle Data Mining options
JServer Release 9.2.0.1.0 - Production
DEV> drop table tmp_kar
2 /
Table dropped.
DEV> create table tmp_kar (
2 item_code varchar2(10) not null,
3 document_no varchar2(6) not null,
4 document_date date not null,
5 ccn varchar2(3))
6 /
Table created.
DEV> create index idx_tmp_krd__doc_date on tmp_kar (document_date desc) tablespace indx
2 /
Index created.
DEV> insert into tmp_kar values ('G40101008','x','03-jan-2003','xxx')
2 /
1 row created.
DEV> drop table tmp_ccn
2 /
Table dropped.
DEV> create table tmp_ccn (ccn varchar2(3))
2 /
Table created.
DEV> insert into tmp_ccn values ('xxx')
2 /
1 row created.
DEV> commit
2 /
Commit complete.
DEV> select k.ccn, document_date
2 from tmp_kar k, tmp_ccn c
3 where item_code = 'G40101008' and
4 document_date >= '31-dec-2002' and
5 document_date < '02-apr-2003' and
6 k.ccn = c.ccn
7 /
CCN DOCUMENT_
xxx 03-JAN-03
DEV> select k.ccn, document_date
2 from tmp_kar k
3 where item_code = 'G40101008' and
4 document_date >= '31-dec-2002' and
5 document_date < '02-apr-2003' and
6 ccn in (select ccn from tmp_ccn)
7 /
no rows selected
DEV>
Though the two sql statements should give the same result, it is not so.
I suspect some bug in indexing document_date desc. What could be the reason? -
Oracle Security : what do you think about the following policy violation ?
If you install OEM10, you will be able to see if you violate some security guidelines :
Interresting is revoking UTL_FILE from public, which is critical. Also revoke UTL_TCP and UTL_SMTP. This is going to upset an expert I know...
Take care about the failed login attempts. If you set it to 10 to the default profile, and if your DBSNMP password is NOT the default password, then Oracle will lock your account after node discovery!
In Solaris, you can disable execution of the user stack with the system parameters set noexec_user_stack=1
set noexec_user_stack_log=1. I did not find how to do it on AIX. However, those settings may have side effects.
About the ports, it complains about open ports, even if this is the port oracle listener is using! Simply ignore most of the violations there.
About JAccelerator (NCOMP), it is located on the "companion" CD.
Ok, Waiting for your feedback
Regards
Laurent
[High] Critical Patch Advisories for Oracle Homes Configuration Host Checks Oracle Homes for missing critical patches
[High] Insufficient Number of Control Files Configuration Database Checks for use of a single control file
[High] Open ports Security Host Check for open ports
[High] Remote OS role Security Database Check for insecure authentication of remote users (remote OS role)
[High] EXECUTE UTL_FILE privileges to PUBLIC Security Database Test for PUBLIC having EXECUTE privilege on the UTIL_FILE package
[High] Listener direct administration Security Listener Ensure that listeners cannot be administered directly
[High] Remote OS authentication Security Database Check for insecure authentication of remote users (remote OS authentication)
[High] Listener password Security Listener Test for password-protected listeners
[High] HTTP Server Access Logging Security HTTP Server Check that HTTP Server access logging is enabled
[High] Web Cache Access Logging Security Web Cache Check that Web Cache access logging is enabled
[High] Web Cache Dummy wallet Security Web Cache Check that dummy wallet is not used for production SSL load.
[High] HTTP Server Dummy wallet Security HTTP Server Check that dummy wallet is not used for production SSL load.
[High] Web Cache owner and setuid bit' Security Web Cache Check that webcached binary is not owned by root and setuid is not set
[High] HTTP Server Owner and setuid bit Security HTTP Server Check the httpd binary is not owned by root and setuid bit is not set.
[High] HTTP Server Directory Indexing Security HTTP Server Check that Directory Indexing is disabled on this HTTP Server
[High] Insufficient Redo Log Size Storage Database Checks for redo log files less than 1 Mb
[Medium] Insufficient Number of Redo Logs Configuration Database Checks for use of less than three redo logs
[Medium] Invalid Objects Objects Database Checks for invalid objects
[Medium] Insecure services Security Host Check for insecure services
[Medium] DBSNMP privileges Security Database Check that DBSNMP account has sufficient privileges to conduct all security tests
[Medium] Remote password file Security Database Check for insecure authentication of remote users (remote password file)
[Medium] Default passwords Security Database Test for known accounts having default passwords
[Medium] Unlimited login attempts Security Database Check for limits on the number of failed logging attempts
[Medium] Web Cache Writable files Security Web Cache Check that there are no group or world writable files in the Document Root directory.
[Medium] HTTP Server Writable files Security HTTP Server Check that there are no group or world writable files in the Document Root directory
[Medium] Excessive PUBLIC EXECUTE privileges Security Database Check for PUBLIC having EXECUTE privileges on powerful packages
[Medium] SYSTEM privileges to PUBLIC Security Database Check for SYSTEM privileges granted to PUBLIC
[Medium] Well-known accounts Security Database Test for accessibility of well-known accounts
[Medium] Execute Stack Security Host Check for OS config parameter which enables execution of code on the user stack
[Medium] Use of Unlimited Autoextension Storage Database Checks for tablespaces with at least one datafile whose size is unlimited
[Informational] Force Logging Disabled Configuration Database When Data Guard Broker is being used, checks primary database for disabled force logging
[Informational] Not Using Spfile Configuration Database Checks for spfile not being used
[Informational] Use of Non-Standard Initialization Parameters Configuration Database Checks for use of non-standard initialization parameters
[Informational] Flash Recovery Area Location Not Set Configuration Database Checks for flash recovery area not set
[Informational] Installation of JAccelerator (NCOMP) Installation Database Checks for installation of JAccelerator (NCOMP) that improves Java Virtual Machine performance by running natively compiled (NCOMP) classes
[Informational] Listener logging status Security Listener Test for logging status of listener instances
[Informational] Non-uniform Default Extent Size Storage Database Checks for tablespaces with non-uniform default extent size
[Informational] Not Using Undo Space Management Storage Database Checks for undo space management not being used
[Informational] Users with Permanent Tablespace as Temporary Tablespace Storage Database Checks for users using a permanent tablespace as the temporary tablespace
[Informational] Rollback in SYSTEM Tablespace Storage Database Checks for rollback segments in SYSTEM tablespace
[Informational] Non-System Data Segments in System Tablespaces Storage Database Checks for data segments owned by non-system users located in tablespaces SYSTEM and SYSAUX
[Informational] Users with System Tablespace as Default Tablespace Storage Database Checks for non-system users using SYSTEM or SYSAUX as the default tablespace
[Informational] Dictionary Managed Tablespaces Storage Database Checks for dictionary managed tablespaces (other than SYSTEM and SYSAUX)
[Informational] Tablespaces Containing Rollback and Data Segments Storage Database Checks for tablespaces containing both rollback (other than SYSTEM) and data segments
[Informational] Segments with Extent Growth Policy Violation Storage Database Checks for segments in dictionary managed tablespaces (other than SYSTEM and SYSAUX) having irregular extent sizes and/or non-zero Percent Increase settingsInterresting is revoking UTL_FILE from public, which is critical. Also revoke UTL_TCP and UTL_SMTP. This is going to upset an expert I know...Okay, as this is (I think) aimed at me, I'll fall for it ;)
What is the point of revoking UTL_FILE from PUBLIC? Yes I know what you think the point is, but without rights on an Oracle DIRECTORY being able to execute UTL_FILE is useless. Unless of course you're still using the init.ora parameter
UTL_FILE_DIR=*which I sincerely hope you're not.
As for UTL_SMTP and UTL_TCP, I think whether a program is allowed to send e-mail to a given SMTP server is really in the remit of the e-mail adminstrator rather than the DBA.
Look, DBAs are kings of their realm and can set their own rules. The rest of us have to live with them. A couple of years ago I worked a project where I was not allowed access to the USER_DUMP_DEST directory. So every time I generated a TRC file I had to phone up the DBA and a couple of hours later I got an e-mail with an attachment. Secure yes, but not very productive when I was trying to debug a Row Level Security implementation.
I have worked on both sides of the DBA/Developer fence and I understand both sides of the argument. I think it is important for developers to document all the privileges necessary to make their app run. Maybe you don't have a better way of doing that than revoking privileges from PUBLIC. Or maybe you just want to generate additional communication with developers. That's fine. I know sometimes even DBAs get lonely.
Cheers, APC -
What is the system privilege required to grant "Analytic Privilege" to a user
Hi SCN,
I have the user with following privileges:
SYSTEM Privileges: CATALOG READ,CREATE STRUCTURED PRIVILEGE,DATA ADMIN,STRUCTUREDPRIVILEGE ADMIN,USER ADMIN
PACKAGE Privileges: SECURITY
OBJECT Privileges: _SYS_BI,_SYS_BIC and REPOSITORY_TEST
Am able to create a AP, but not able to assign to a user. Checked different threads and documents, Am able to add with "SYSTEM" user but not with the generic user i have
I can't do tracing as it is disabled in the client system
Am i missing something here? Can someone help me please?
Regards,
Krishna TanguduThank you so much Raj.
I was expecting this kind of privilege under SYSTEM PRIVILEGE.
So other privileges which i mentioned are fine right?
Regards,
Krishna Tangudu -
Unable to log in as a regular user after a reboot
Hello Everybody,
I have a SPARC SunBlade 2000 with 2 GB of memory running Solaris 10 with the following configuration:
root@auyantepui # cat /etc/release
Solaris 10 5/09 s10s_u7wos_08 SPARC
Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 30 March 2009
root@auyantepui # uname -a
SunOS auyantepui 5.10 Generic_139555-08 sun4u sparc SUNW,Sun-Blade-1000
root@auyantepui # I had an instance of Oracle 11g running without too much activity and I was just finishing installing Weblogic 10 Application Server in the same system,
when the system got extremely slow that became pretty much unresponsive.
As soon as I could in a terminal window I typed init 5 to bring the system down.
Since I brought the system up I have been unable to log in as me user "morillo" or user "oracle".
I can only log into the system as user "root".
root@auyantepui # su - morillo
su: No shell
root@auyantepui #
root@auyantepui #
root@auyantepui #
root@auyantepui # su - oracle
su: No shell
root@auyantepui #Obviously I have a shell for both users in /etc/passwd
root@auyantepui # cat /etc/passwd
root:x:0:0:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
gdm:x:50:50:GDM Reserved UID:/:
webservd:x:80:80:WebServer Reserved UID:/:
postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh
svctag:x:95:12:Service Tag UID:/:
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:
morillo:x:33353:10:Carlos A. Morillo:/home/morillo:/bin/csh
oracle:x:100:102:Oracle DBA:/auyantepui/oracle:/bin/csh
apache:x:101:101:Oracle Apache:/auyantepui/apache:/bin/csh
root@auyantepui #
root@auyantepui #
root@auyantepui #
root@auyantepui # ls -l /bin/csh
-r-xr-xr-x 2 root bin 151456 Aug 8 2006 /bin/csh
root@auyantepui # file /bin/csh
/bin/csh: ELF 32-bit MSB executable SPARC Version 1, dynamically linked, stripped
root@auyantepui # Only including the last part of the truss output:
1557: fstat64(4, 0xFFBFE1D0) = 0
1557: ioctl(4, TCGETA, 0xFFBFE2B4) Err#25 ENOTTY
1557: write(4, " S U 0 7 / 1 2 1 1 :".., 36) = 36
1557: close(4) = 0
1557: setgid(10) = 0
1557: sysconfig(_CONFIG_NGROUPS) = 16
1557: open("/etc/default/nss", O_RDONLY|O_LARGEFILE) = 4
1557: fcntl(4, F_DUPFD, 0x00000100) Err#22 EINVAL
1557: read(4, " # i d e n t\t " @ ( #".., 1024) = 749
1557: read(4, 0xFF342400, 1024) = 0
1557: close(4) = 0
1557: getuid() = 0 [0]
1557: getuid() = 0 [0]
1557: door_info(3, 0xFFBFE9B8) = 0
1557: door_call(3, 0xFFBFEA60) = 0
1557: setgroups(2, 0x0002C248) = 0
1557: setuid(33353) = 0
1557: chdir("/home/morillo") = 0
1557: munmap(0xFF060000, 4458) = 0
1557: munmap(0xFF072000, 544) = 0
1557: munmap(0xFF010000, 11897) = 0
1557: munmap(0xFF024000, 948) = 0
1557: munmap(0xFEFF0000, 10532) = 0
1557: munmap(0xFF004000, 1298) = 0
1557: munmap(0xFEFD0000, 14306) = 0
1557: munmap(0xFEFE4000, 1494) = 0
1557: munmap(0xFEFA0000, 129457) = 0
1557: munmap(0xFEFC0000, 7432) = 0
1557: munmap(0xFEF80000, 13029) = 0
1557: munmap(0xFEF94000, 1592) = 0
1557: munmap(0xFEF50000, 125737) = 0
1557: munmap(0xFEF70000, 4824) = 0
1557: munmap(0xFEF30000, 38927) = 0
1557: munmap(0xFEF4A000, 1860) = 0
1557: munmap(0xFEF10000, 4760) = 0
1557: munmap(0xFEF22000, 988) = 0
1557: munmap(0xFF030000, 54114) = 0
1557: munmap(0xFF04E000, 5104) = 0
1557: sigaction(SIGXCPU, 0xFFBFF048, 0xFFBFF0E8) = 0
1557: sigaction(SIGXFSZ, 0xFFBFF048, 0xFFBFF0E8) = 0
1557: execve("/bin/csh", 0xFFBFF118, 0x000268A0) Err#13 EACCES [file_dac_search]
1557: fstat64(2, 0xFFBFE1E8) = 0
su: 1557: write(2, " s u : ", 4) = 4
No shell1557: write(2, " N o s h e l l", 8) = 8
1557: write(2, "\n", 1) = 1
1557: _exit(3)
auyantepui#
{code}
Checking the Err#13 EACCES [file_dac_search] in /usr/include/sys/errno.h I have
{code}errno.h:#define EACCES 13 /* Permission denied */{code}
I suspect file_dac_search has to do with process privileges and the "Least Privilege" Security framework
introduced with Solaris 10.
Any ideas? Suggestions? Recommendations how to fix this?
There has to be some way to restore the default privileges I had before the reboot.
I guess something got corrupted during the reboot.
Thanks in advance,
Carlos.>
Just as an FYI OpenSolaris build 134 uses the automounter to mount /export/home to /home and /home is actually being written to /etc/passwd. So if you're still in the habit of telling Linux admins to disable the automounter please stop.
[http://opensolaris.org/jive/thread.jspa?messageID=482048񵬀|http://opensolaris.org/jive/thread.jspa?messageID=482048񵬀]
alanNever was in that habit. My automounter is not disabled and is configured as such. I don't think it was that way out of the box, however. Dunno about OpenSolaris. The SMC, whenever you make changes to a user account, still overwrites your home directory of "/export/home/userid" with "/home/userid", and this will prevent you from logging in. If you use the SMC you need to go back and change the home directory; I don't know if they created patches in the past year to correct this since I quit using it, that being one of the reasons. -
Hi, im a new user to oracle express edition and have been given a task at university to complete.
Iv tried searching for tutorials myself but i either A cannot find the ones i need, or B dont understand them,
my task is:
A soft drinks company based in Cramlington require an individual to undertake a data analysis project. The company would like you to produce a prototype of the system, designed as an oracle database system.
The company would like to record sales data. The sales can be through vending machines or shop outlets; as a guide, the prototype needs to record where the items have been sold (vending or shop), details about the items as the company produces a range of soft drinks, prices etc. The region the items are sold in is important as the company would like to produce reports by region to compare sales figures. The new system will be used to make management decisions, such as where to increase marketing, whether items should be withdrawn from the market etc. Sales reports should be based on monthly figures.
Tasks
The database, SQL, forms, reports and all other applications you build for the system should be created in Oracle Express Edition, and submitted on CD-ROM.
The username and password for the DBA in your system should be as used in the lab, as follows:
Username: hecomputing
Password: ramdrive
1. You are to create the tables in Oracle Express Edition and populate the tables with sample sales data. Take into consideration the requirements detailed above. However remember this is a guide and by no means a full list of data that should be recorded by the system. It is expected that you will produce a third normal form structure and submit this with your application.
2. Create all forms for data entry. No data should be entered through the table view by the user; the data should be entered via a form.
3. Create all forms to view, edit and delete data.
4. Create a drill-down form for item and sales data as a minimum.
5. Implement triggers to demonstrate auditing, which as a minimum should track
• Insertion of new data
• Deletion of existing data
• Modification of existing data
6. Implement stored procedures
7. Provide the user with a customised, informative message if an error is encountered, by implementing Handling Exceptions.
8. Create queries for data manipulation. All queries should be stored as SQL.
9. Create reports for sales analysis, based on monthly figures. As a minimum you must create a report for sales per item on a monthly basis, sales per month via each sales type (shop, vending machine) which should also be grouped by region.
10. Create two users that are not database administrators; user1 password1, user2 password2. Demonstrate user administration, roles, privileges, security and auditing.
11. You are to informally demonstrate your prototype on the 20th May 2007, in the timeslot you have been allocated. Please see your tutor or Blackboard to confirm your timeslot. All demonstrations will take place between 12:00pm and 5pm on that day.
Can anyone please steer me towards a good set of tutorials that can help me complete the above task.
thanksHi,
You can download and study the 'Store' application at http://www.oracle.com/technology/products/database/application_express/packaged_apps/packaged_apps.html#STORE which does many of the things you need. If you 'hack' the app you'll be well on your way.
Keep Smiling,
Bob R -
Migrate Forms 10g stand alone to SSO usage
Hello,
Currently we have a Forms stand-alone 10g instance on linux. Due to new business needs we have to use SSO for all provided applications.
What are the options in our situation.
Best regards,
Bert Dondertman
NetherlandsBert,
the option is to install Forms using the full Application Server and copy your application files - or configure if it is the same server. The reason why you can't enable Forms for SSO in a post-instll operation is that the Forms Servlet must register with OID to use a privileged secure access.
Frank -
Connecting Discoverer through other Applications.
Hi,
We have developed the web based application where user requests access to Discoverer. We wanted to make it automated by connecting the application to Discoverer Admin. Can the web based application automatically give the access to Business Areas or Access to user through Web based application. Kindly let me know if there are any documents pertaining the to it is available.If you mean that your web based application will setup a user's access to different business areas in the EUL, etc. then ... an insteresting question.
I was originally goiing to say 'no way' as the interface into Apps version isn't all that powerful.
However, if you look at the different JAVA commands that you can perform on the EUL (more than via command line), then in theory, there are commands such as 'grant privilege' with switches such as -user, etc.
So, I'm guessing that if your application can invoke JAVA commands, then that would be your 'in' to giving a user privileges, security to business areas, etc.
Haven't heard of anyone doing this, but sounds like an interesting idea (ie: via an external application).
Russ -
Hi, All,
I have a applet which have 2 jar files. First is main.jar and another is support.jar.
Now support.jar have some JNI call and this one is rarely called from main.jar.
Now I want to sign only support.jar (don't want to siigne main.jar which contains Main Applet) and want to keep it for lazy download.
Whenever we need to call of support.jar then only it should be downloaded and verified and should show accept/reject certificate dialog.
Is it possible ? How ?SoftCrop wrote:
Nop, Whenever any JNI call is made in such condition, It throw Privilege (Security) exception.What you are trying to do (sign only the sensitive jar) seems ok to me. I never had a scenario such as yours, but my understanding is that it should work if...
This is a big 'if'. Whenever the applet makes a security sensitive call, all the classes on the call stack leading to the sensitive call must be trusted. This would be achieved by signing both jars, which you do not want. The other possibility is to use AccessController.doPrivileged() in your sensitive jar. When doPrivileged() is encountered while the stack is examined, it basically means: I am trusted, I don't care if my callers are trusted, I know what I am doing, so please don't subject the called code to the sandbox restrictions.
Edited by: baftos on May 22, 2009 12:19 AM -
Hello all. I am trying to setup replication for 10 databases between 2 servers. For simplicity, I will call them Server 1 and Server 2. I am able to get replication working, but I am wanting to use a UNC path for the data storage.
the snapshot data will use an average of 18GB per day for total snapshot usage. Ideally, I do not want this data to reside on Server 1 itself, but on one of my mass storage devices before it is pulled to Server 2. I am wanting to know best
practice for using UNC paths. I would like to know specifically, how to overwrite the replicated data from the previous day. I am fine with their being a static or floating ~20Gb on Server 2, but I would like to know how the data would flow.
If I use a UNC path to storage on Server 2, when the schedule hits the specified time ( by the way I have 2 schedules setup. 1 to take the snapshot, then another later on for the replication) to replicate the data to Server 2 does the data have to flow
back to Server 1 before it applies the SQL data to Server 2 or is it smart enough to know that if the data is already sitting there, and to just apply it?
Thanks in Advance!I cannot think of much in the way of best practices for setting up a UNC path to serve as your snapshot folder outside of those best practices you'd implement to setup any UNC path on your network.
Primarily make sure that the UNC path for your snapshots has the least privilege security granted to any accounts which must access it for your requirements and only to those accounts necessary.
As for overwriting the snapshot folder, replication doesn't work that way. Each time a snapshot is generated the files are place in a folder that includes a date/time stamp. Old snapshots are purged by either the Distribution Cleanup Agent or
the Snapshot Agent depending on what type of replication you've implemented.
As to the data flow, that all depends on what server is acting as your distributor. The flow is...
Publisher -> Snapshot folder -> Distributor -> Subscriber.
The publisher writes the snapshot to your UNC path.
The distributor then reads the data from your UNC path.
The distributor then connects to the subscriber and writes the data to the appropriate tables on the subscriber.
So if "server 1" is acting as publisher and distributor then the data will flow from "server 1" to the UNC path, then back to "server 1" then on to "server 2".
If "server 2" is acting as subscriber and distributor then the data will flow from "server 1" to the UNC path, then to "server 2" then on to the subscriber database on "server 2".
If you have an independent distributor, I'll call it "server 3" for fun. Your data will flow from "server 1" to the UNC path, then to "server 3", then to "server 2". -
Your request was cancelled. The necessary security privileges
I downloaded this example and ran it against the BusinessObjects server I got where
http://www.sdn.sap.com/irj/boc/go/portal/prtroot/docs/library/uuid/809d64c6-461c-2c10-f4bd-e499c25d6a38?quicklink=index&overridelayout=true
I tried to view a simple report and I got this message. This message appears with any of the reports ones that were already created or ones that we created. The user I am running on is a administrator and if I login to actual server through a web
browser the report works fine.
Your request was cancelled. The necessary security privileges could not be verified. Please contact your system administrator.
BusinessObjects Version XI 2.0
.Net Framework 4.0
Anyone have any ideas ?1. try passing the non encoded token e.g. BOToken = enterpriseSession.getLogonTokenMgr().createLogonToken("", 120, 100);
2. try using getDefaultToken() and see if that works.
3. Have you tried usign openDocument.jsp instread?
4. are you redirecting to this url? 'http://[server]:8080/BOE/CrystalReports/viewrpt.cwr?id='repId'&apstoken=[token]';
Java uses double quote " rather than single quote ' for string declaration. -
Blank form from trusted folder/privileged location with enhanced security
See http://superuser.com/questions/459138/adobe-reader-not-loading-form-content
When opening an fdf from a command line the form fields are blank even though there is data in the fdf and the pdf is located in a mnaully entered trsuted folder.
Steps to reproduce:
Clean install a Windows 7 PC (or use a virtual box)
Map a network drive to a shared folder with a subfolder e.g. c:\test\docs becomes m:\docs
Set security permissions to allow full control to everyone
Add an fdf and a matching pdf file in the subfolder
Manually add m:\docs to each of the trusted folders in the trust manager registry settings
Ensure that Enhanced Security is on
Run a command line to open the fdf file
Expected result:
pdf is opened in Adobe Reader with form fields filled out with data
Actual results:
pdf is opened with blank fields
'Yellow bar' appears asking to add document to trusted locations
It appars that Adobe Reader XI is ignoring the privileged locations entries in the registry. Adding the document via the 'yellow bar' adds the individual document, with the same folder, to the privileged locations but means that the process has to be repeated for every document that needs to be opened from the folder.
Note that I've submited this as a bug but had no reply.when i search for sun java plugin.
i got the link
http://www.oracle.com/technetwork/java/archive-139210.html
http://www.oracle.com/technetwork/java/index-jsp-141438.html
but dont understand what would i download from it
thnks
Edited by: kaminanikamini on Jul 14, 2012 6:24 AM -
Setting privileges in Cisco Secure ACS Version 5.1.0.44
I am setting privileges in Cisco Secure ACS Version 5.1.0.44.
In the command sets from the ACS server, I denied few commands as can be seen in the attached screenshot and selected 'Permit any command that is not in the table below'.
I am unable to see some commands like "Show running-configuration" from the router I was testing. What changes should I do to see all the commands other than the denied commands. Your help will be rated. Thank you.Hi,
The ACS is able to handle permit or deny commands.
I created a configuration example that will help you to understand command shell.(see attach doc)
Instead of using show running-config please use show config.
also make sure that all the users are using privilege 15.
Regards, -
I am running as an Administrator with SE_BACKUP_NAME, SE_RESTORE_NAME, SE_TAKE_OWNERSHIP_NAME, and SE_SECURITY_NAME enabled on my application. My group information is listed below. The item's path and ACL are
C:\tests\test_acl_null\src\1d: O:BGG:SYD:P
where the owner is Built-in Guests, group is Local System, the DACL prevents inheritance, and the DACL itself is empty.
I would expect that since I have the four above privileges enabled successfully, I would have access to the item regardless of its security descriptor. Why is this not the case?
whoami /all
USER INFORMATION
User Name SID
==================== =============================================
winbuild\engineering S-1-5-21-<machine-id>-1001
GROUP INFORMATION
Group Name Type SID Attributes
===================================== ================ ============ ===============================================================
Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group
BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner
BUILTIN\Remote Desktop Users Alias S-1-5-32-555 Mandatory group, Enabled by default, Enabled group
BUILTIN\Users Alias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\REMOTE INTERACTIVE LOGON Well-known group S-1-5-14 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group
LOCAL Well-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group
Mandatory Label\High Mandatory Level Label S-1-16-12288 Mandatory group, Enabled by default, Enabled groupThank you for your information, Frank, as it clarifies part of my confusion. However, there are a couple more loose ends I'd love to address before I mark your responses as answers.
Do backup and restore privileges apply at all over a network mount created via "net use"?
The network mount requires a username and password for the destination machine. Assuming the destination machine is a Windows box with a simple CIFS share, how does this user affect our permissions and access? Do we end up effectively impersonating this
user, or is the access check still done with our sync process's run-as user?
We require that both our configured run-as user for our sync process *and* the credentials passed to the network mount be administrator users of the local system and destination system, respectively, meaning they're in of the "BUILTIN\Administrators,
S-1-5-32-544" group.
On re-syncs, the destination file will exist and since we don't have the ability to read the ACL in all cases (we're running as one user, the file is owned by another user, and we aren't specified in the ACL in any way), we aren't able to determine if the
file has changed. Is it possible to determine the owner of this file in this case? Preferably, we'd obtain the entire SDDL.
My proposed plan is to interpret access denied as a difference requiring re-sync, resulting in us taking ownership of the file, granting ourselves access, determining if there are data differences, and then re-syncing the metadata as appropriate.
Maybe you are looking for
-
Hello all, I tried to restore my sytem from a time machine back up and the install seemed to be successful and at the end it told me I needed to restart my computer, I restarted it and it gave my a Kernal Panic Message, this is the log panic(cpu 0 ca
-
Use of parameter IDOC_OPENED_FLAG in FM IDOC_STATUS_WRITE_TO_DATABASE
Hello Friends, I am using the FM IDOC_STATUS_WRITE_TO_DATABASE to set the IDOC status . I just wanted to know wat is the significance of the paramter IDOC_OPENED_FLAG. If I set it and process I am getting an error "IDOC NOT OPENED". If I dont set it
-
By the way, just tried to reboot like what other said to hold home button
By the way, just tried to reboot like what other said, to hold home button & on/off button for 10 secs, no apple sign appears, screen stil stuck as it was ! ????
-
Wants to avoid mapping for an one-to-one scenario..details in the message
Hello Experts, Need your help on the below problem. We are in Service Pack: 08 Release: NW711_08_REL Scenario : proxy to file(tab separated) mapping: one to one structure: msgname -recordset (0..n) -field1 (0..1) -field2 (0..1) -f
-
Adobe Premiere Elements 9 - is it worthwile?
I am not sure if I can ask this question on this Forum. My apology if it is not apropriatie. My question is: I have PrE8. Is it worthwile to buy PrE9? From what I here there are anly small improvements with sound management and not much else. Will ap