Question about security context in multithreading environment

I have a need to make concurrent calls to multiple EJBs in parallel threads. Let's
say I establish the security context once by creating an InitialContext with given
security principal and credential. With the security context active, I spawn multiple
threads from the current thread and in each of those threads I make a call to
a secure EJB method, which my security principal is allowed to access. My question
is, will the same security context be established in each of the spawned thread
so that my EJB calls succeed? For various reasons it's not feasible to log in in
each of the spawned threads, only to log in once from the main thread.
I tried this with WebLogic 6.1sp3 and it seems to work as expected. However, I
have not been able to find any documentation on how security contexts are propagated
to spawned threads. All I could find was a statement that when an InitialContext
is created, the corresponding security context becomes associated with the current
thread.
My concern is that even though it works in WebLogic 6.1, it may no longer work
the same way in WebLogic 7.0 or later. And will it work when the JNDI login mechanism
is replaced by JAAS? If any WebLogic/security guru out there could give me some
info on how WebLogic security contexts work in a multithreaded environment, I
would be much obliged.
Thanks in advance!
Minh-Tue Vo

"Minh-Tue Vo" <[email protected]> wrote in message
news:[email protected]..
>
> My concern is that even though it works in WebLogic 6.1, it may no longer work
> the same way in WebLogic 7.0 or later. And will it work when the JNDI login mechanism
> is replaced by JAAS? If any WebLogic/security guru out there could give me some
> info on how WebLogic security contexts work in a multithreaded environment, I
> would be much obliged.
With the JAAS model, you should be able to get a subject once and then do a
runas in the spawned threads.
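
The pattern the reply describes, as an added example that is not part of the original thread: one Subject is obtained once and each worker binds it explicitly, shown with the standard JAAS call `Subject.doAs` standing in for "runas". The class names, the `appuser` principal and the `securedCall` stand-in for the EJB method are constructed for illustration, and the code assumes JDK 8 through 21, where `Subject.doAs` and `Subject.getSubject` are still available.

```java
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import javax.security.auth.Subject;

public class SubjectPerThreadDemo {

    /** Constructed principal type; a real login module supplies its own. */
    static final class DemoPrincipal implements Principal {
        private final String name;
        DemoPrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }

    /** Stand-in for the secured EJB method: reports who the current thread runs as. */
    static String securedCall() {
        Subject s = Subject.getSubject(AccessController.getContext());
        if (s == null || s.getPrincipals().isEmpty()) {
            return "anonymous";
        }
        return s.getPrincipals().iterator().next().getName();
    }

    public static void main(String[] args) throws Exception {
        // Log in once. In real code this Subject comes from LoginContext.login()
        // followed by getSubject(); it is built by hand here so the demo runs offline.
        Subject subject = new Subject();
        subject.getPrincipals().add(new DemoPrincipal("appuser"));
        subject.setReadOnly(); // shared across workers, so no thread may alter it

        // Each worker binds the shared Subject explicitly around its own call.
        Callable<String> bound = () ->
                Subject.doAs(subject, (PrivilegedAction<String>) SubjectPerThreadDemo::securedCall);
        // Control task: same pool, no doAs, so nothing ties the login to the thread.
        Callable<String> unbound = SubjectPerThreadDemo::securedCall;

        ExecutorService pool = Executors.newFixedThreadPool(3);
        try {
            List<Future<String>> results = new ArrayList<>();
            for (int i = 0; i < 3; i++) {
                results.add(pool.submit(bound));
            }
            Future<String> control = pool.submit(unbound);

            for (Future<String> r : results) {
                System.out.println("with doAs:    " + r.get());
            }
            System.out.println("without doAs: " + control.get());
        } finally {
            pool.shutdown();
        }
    }
}
```

Because the identity is passed to each task rather than picked up from whichever thread happened to create the worker, the result does not depend on how a particular server version propagates context to new or pooled threads.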

Similar Messages

  • Question about security issues regarding 'cp' and 'mv'

    Ok, I wondered about how 'cp' and 'mv' are really working. I have some guesses but I need these things to be confirmed.
    Here is what I have:
    A partition with a unix file system, say ext2 or 3 (does this make a difference here?) containing *very* sensitive data. The filesystem is encrypted (whirlpool/serpent) but that shouldn't matter. As I do not want corpses of dead files lying around that could be recovered, I always use 'shred -zu' with 26 passes to overwrite and then delete the data.
    And that's where I have my concerns:
    If I want to rename a file or move it to another folder on the same partition, is it safe to 'mv' it? Or should I 'cp' it and then 'shred' the original file? I assume that 'mv' will not touch the actual file and just tell the file system of its new name or place in the folder-structure. Given that, shredding a 'mv'ed file should not leave a trace of it on the drive (except for the old filename before the 'mv' maybe, but that wouldn't be too critical). I assume that, because it's the only thing that would make sense to me, but have to know it for sure!
    However, on moving the file to another drive I should probably 'cp' it, then 'shred' the original file. The question I have here is as follows:
    How much recoverable information does 'cp'ing leave in my RAM? Will I have to find a way to somehow shred the information in the RAM or can I assume that my RAM gets rewritten often enough, that most traces will be gone, say, in a couple of days?
    If you have links at hand to confirm your answer, please post them, too.

    Okay, thanks for that, I will have a closer look at flushing the RAM.
    Sure, I care about security and privacy, but -- as you might expect -- the data I have are not really THAT sensitive/confidential/whatsoever. I've just gotten into it somehow and now I'm just curious/interested in improving it for its own sake more or less.

  • Just a question about security

    Hi All.
    Just a simple question really, I read on one of the forums here a question about running windows and apples mac os at the same time.
    My question is: would they not cause conflict? As with Apple you don't need to install security but Windows is riddled with bugs and viruses, surely one would infect the other?
    Sorry to sound so silly, I'm not very computer savvy, but it strikes me as wrong somehow.
    Thanks Tricia

    You will have whatever threats assail Windows and must protect against those, but none of them will cross over to the Mac side. Note: there is cross platform Windows/Mac malware, i.e. malware written for both. But to be infected you need to be infected directly on the Mac side.
    http://www.zdnet.com/blog/bott/the-slow-and-steady-evolution-of-cross-platform-malware/4930

  • Question about the Context

    Hi:
    I'm a freshman with the EJB. I'm ambiguous of the Context in the EJB. What's the Context? How to use the EJB?
    Please tell me where I can find the document about the Context. Thank you.

    Hi Wjun555
    The context provides information about an EJB. So for example, the InitialContext used to lookup an ejb provides the information required to connect and obtain a remote reference (or a local reference) to an EJB.
    The EntityContext and SessionContext provide information about the EJB while it is running. This includes information such as what user invoked it, whether its running in a transaction, what kind of transaction, etc.
    Thanks,
    Brian

  • Question about global context.

    Hi.
    I have this scenario:
    1) Context set within the application:
    a) user logins and identifies basic context info: company id, etc.
    b) Context is set in a package
    c) Views are the underlying datasource for application and they are created using context info. For example:
    Create view some_view as
    select * from some_table where company_id =sys_context('access_control_ctx','company_id')
    2) This works perfectly in a dedicated / persistent connection. However if one tries to use connection pooling, like in a Web app, say Apex, this won't work as expected.
    3) An alternative is to use global context. However i have this question:
    (a) User a logs in to application and set values for company 1.
    (b) User b logs in to application and set values for company 2.
    How does global context work in this situation? I mean, since every user needs a different value for company_id, how can one guarantee they both will point to their respective value without having to change the application security / access control?
    Regards, Luis ...!

    Specific to APEX, you can use the v function to access APEX session state information (i.e. v('APP_USER') to get the currently logged in application user).
    If you are going to use a global context, you would need a session ID (or something similar) that is stored as a part of the global context to determine which session you are interested in. The global context would have A's data with A's session ID and B's data with B's session ID and before you get the context information, you would need to specify which session ID you are asking about.
    Tom Kyte has an example of using a global context
    Justin

  • Question about Databases on a distributed environment...

    Hi,
    I have a quick question. We have production in a distributed environment as follows
    (a) SQL server, EPMA, and Calc Manager
    (b) Workspace, and Shared Services
    (c) Essbase
    (d) Planning
    Now we have multiple databases for each hyperion service i.e.
    (1) HSS (using for hyperion shared service)
    (2) BIPLUS (Using for workspace)
    (3) AAS (Using for Essbase Administrator Services)
    (4) CALCMGR (Using for calculation manager)
    (5) EPMA (Using for EPMA)
    (6) ERPI (Using for ERP Integrator)
    (7) PLANSYS (Using for Planning)
    Now, my question is ....is it necessary that we have that multiple database in a distributed environment or we can have one database for everything? What is main objective for creating databases for each application?
    Please share your best knowledge and give me positive and negative about multiple database and single database for hyperion...
    Thanks to all...
    Safi

    I am going to be lazy and copy an extract from the install doc
    For simplicity and ease of deployment, you can use one database repository for all products (with the exceptions noted below). When you configure multiple products at one time using EPM System Configurator, one database is configured for all selected products.
    Caution!
    To use a different database for each product, perform the “Configure Database” task separately for each product. In some cases you might want to configure separate databases for products. Consider performance, rollback procedures for a single application or product, and disaster recovery plans.
    The following products and product components require unique databases:
    Performance Management Architect interface data source
    Extended Analytics for Financial Management and Extended Analytics for Strategic Finance
    Planning – Each Planning application should have its own repository.
    Performance Scorecard
    FDM – Use an Oracle Database instance exclusively for FDM.
    Data Relationship Management.
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • Question about security issue when transferring files from PC

    I am in the process of looking at Macs. I have always been a PC user and have been EXTREMELY impressed with the features of Mac OS X. Here's the question. I am probably sure that I have one or more viruses on my PC, what PC doesn't right? When I get my Mac, I'm looking at the MacBook, I see that I can transfer my files over from a PC to my new Mac. The problem is, I want my files, but I'm leery about transferring a virus over also. I've heard about the security of Macs and I am wondering if this is something I need to be worried about, or if it won't be a problem. Are there any steps I will need to take to ensure that I don't bring any viruses over with my files? Thanks for the help.
    Micah
    P.S. I am really starting to get sick and tired of Vista. I had to download VLC media player to play my Windows Media files because my Windows Media player on Vista WILL NOT play the files meant for that system. Arrrghhh Sorry for the vent.

    Be sure to scan all your files for viruses before moving them from the PC to the Mac. Although PC viruses should have no effect on a Mac, it's still possible to pass on a virus to a friend via email.
    Do You Need Anti-Virus Protection for Your Mac?
    According to Rich Mogull's article, Should Mac Users Run Antivirus Software?,
    "The reality is that today the Mac platform is relatively safe. There are hundreds of thousands of viruses and other malicious software programs floating around for Windows, but less than 200 are known to target the Mac, and many of those are aimed at versions of the Mac OS prior to Mac OS X (and thus have no effect on a modern Mac).
    It's not that Mac OS X is inherently more secure against viruses than current versions of Windows (although it was clearly more secure than Windows prior to XP SP2); the numerous vulnerabilities reported and patched in recent years are just as exploitable as their Windows equivalents. But most security experts agree that malicious software these days is driven by financial incentives, and it's far more profitable to target the most dominant platform."
    Mr. Mogull is a computer security expert. I recommend reading the entire article as it is quite informative.
    For additional information on viruses, trojans, and spyware visit The XLab FAQs and read the FAQs on viruses and spyware.

  • Question about DB13 jobs under MSCS environment

    Hi,
    I have migrated my system to cluster hardware. It's two nodes, Windows 2003 Server R2 x64, with MSCS and Oracle 10g.
    I need to run DB13 operations, so I have installed the standalone gateway following note 657999. Gateway is running and RFC works fine.
    Now SAP group is running in node A and Oracle group is running in node B, and when I try to run a database check through DB13 job returns this log:
    Job started
    Step 001 started (program RSDBAJOB, variant &0000000000210, user ID CONSULTORAC)
    No application server found on database host - rsh/Gateway will be used
    Ejecución del comando lógico BRCONNECT En máquina ACDCPDPSR3002
    Parámetros: -u / -jid CHECK20101201092709 -c -f check
    BR0801I BRCONNECT 7.00 (16)
    BR0252E Function fopen() failed for 'J:oracleACPsapcheckceernjjz.chk' at location main-9
    BR0253E errno 13: Permission denied
    BR0121E Processing of log file J:oracleACPsapcheckceernjjz.chk failed
    BR0280I BRCONNECT time stamp: 2010-12-01 09.27.11
    BR0301E SQL error -12560 at location db_connect-2, SQL statement:
    'CONNECT /'
    ORA-12560: TNS:protocol adapter error
    BR0310E Connect to database instance ACP failed
    BR0806I End of BRCONNECT processing: ceernjjz.chk2010-12-01 09.27.11
    BR0280I BRCONNECT time stamp: 2010-12-01 09.27.11
    BR0804I BRCONNECT terminated with errors
    External program terminated with exit code 3
    BRCONNECT returned error status E
    Job finished
    Error 1: BR0252E Function fopen() failed for 'J:oracleACPsapcheckceernjjz.chk' at location main-9
    Brconnect is trying to write the .chk file in the SAPDATA_HOME directory and it can't. When I execute the command at OS level in node A (where SAP group is running) I get the same error, but when I execute the same command in node B it runs without problems.
    Error 2: 'CONNECT /' ORA-12560: TNS:protocol adapter error
    No listener.
    SAP tries to run commands on the node where SAP group is running, and it can't work with Oracle group resources like listener or sapdata_home disk.
    My question: is it possible to execute DB13 actions when each group is running in different nodes?
    If it is possible, how can I solve my problem?
    Thanks in advance.
    Pablo.

    Hello,
    As stated in point 7 within Note 446172 :
    7.  In Windows, make sure that the USER environment variable for
        SAPSERVICE<sid> contains <sid>ADM. This variable controls the user
        under which the external command is started. See also Note 556232.
    regards,
    John Feely

  • Basic PL/SQL Question about running context

    We are trying to create some generalized tools with PL/SQL procedures that would be used by a number of different Oracle Users/Schema. The idea was to store them in an administrative schema (call it ADMIN), create public synonyms for them, and grant execute to public. Then we could run them from the user schema (call it USER) to do the work.
    It was my assumption that while the procedures were stored in ADMIN, when they were run by USER they would run in the USER context. E.g., a table (call it MYTABLE) that was referenced in the procedure without a schema reference (SELECT * FROM MYTABLE) would expect to find MYTABLE in the context of the schema which called the procedure. In other words, calling the procedure from USER, I expected the procedure to look for MYTABLE in USER. However, we are getting errors that indicate that even though the procedure is called from USER, it is looking for the table in ADMIN (the procedure's creation context), not in USER (the running context).
    QUESTIONS: How is PL/SQL supposed to operate in this situation? Are there any options/parameters that can be set so the procedure will use the runtime context for table lookup, or do we have to write dynamic SQL which will fully qualify the table with the owner schema?
    Thanks for your help
    John Conroy

    Hi,
    from the manual:
    The AUTHID clause is allowed only in the header of a stand-alone subprogram, a
    package spec, or an object type spec. The header syntax is
    -- stand-alone function
    CREATE [OR REPLACE] FUNCTION [schema_name.]function_name
    [(parameter_list)] RETURN datatype
    [AUTHID {CURRENT_USER | DEFINER}] {IS | AS}
    -- stand-alone procedure
    CREATE [OR REPLACE] PROCEDURE [schema_name.]procedure_name
    [(parameter_list)]
    [AUTHID {CURRENT_USER | DEFINER}] {IS | AS}
    -- package spec
    CREATE [OR REPLACE] PACKAGE [schema_name.]package_name
    [AUTHID {CURRENT_USER | DEFINER}] {IS | AS}
    -- object type spec
    CREATE [OR REPLACE] TYPE [schema_name.]object_type_name
    [AUTHID {CURRENT_USER | DEFINER}] {IS | AS} OBJECT
    where DEFINER is the default option. In a package or object type, the AUTHID
    clause applies to all routines.
    Note: Most supplied PL/SQL packages (such as DBMS_LOB, DBMS_PIPE,
    DBMS_ROWID, DBMS_SQL, and UTL_REF) are invoker-rights packages.

  • HT6170 Question about security question

    Do you have to call Apple or can you do it through their online support to reset your security question, since my account was created before they started using rescue email?

    Purple 16 wrote:
    Hi,
    you can try the apple support when i forgot my questions i rang up apple and it didn't take more than 10 minutes for them to fix it.
    Link below to call them or make an appointment.
    https://www.apple.com/au/support/contact/
    Astute of you to work out the OP is in Australia

  • HT5114 Question about Security question

    I forgot the answers to my security questions. Is there any way to get around it or be sent a reminder or something?

    appleid.apple.com
    Under Passwords and Security there may be a reset option under your questions if you've forgotten them.
    Write the next ones down

  • Question about : Securing Networks with ASA Foundation (SNAF)

    Dear All,
    I would like to ask about the exam Securing Networks with ASA Foundation (SNAF) as below:
    1- How can I download documents before I take the exam? (I mean, does it have an offline file?)
    2- I have already passed CCNA and CCDA, so can I continue on to take this exam?
    I tried to find an ebook and offline file on the Cisco website but it doesn't have them....
    Please let me know if you know this ...:)
    best regards,
    Rechard

    There's a quick reference book for SNAF. You can find it on the Cisco Press website. There's also an older book called "Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance". It's from 2005 but it's useful.
    After CCNA I'd recommend you to pass CCNA:Security before you take SNAF. It's needed both for ASA Specialist and for CCSP.
    Good luck

  • Question about security

    I tested my computer for spyware at this website. http://www.auditmypc.com . The test results said that my computer is not as secure as it should be because the security test was able to detect information about my computer, and that it needed to be updated with a security patch. The test results are posted below this paragraph.
    [Quote]The majority of information you will see is made possible, not because of spyware, but because you are missing a security patch or do not have a patch management program.
    Your IP Address 64*******
    Your Notice! Your Private IP is ********* and unlike your external IP of ********* this should be hidden!
    Patch software found here & see our Internal IP page.
    The Referring Site is http://www.auditmypc.com/
    Your Browser is Safari on Mac
    Java Enabled = Yes.
    Free Spyware Removal instructions will appear below if spyware is found:
    Below is the Raw Data that you give away every time you visit a web site.
    REMOTEADDR=******************
    REMOTE_HOST=******************
    REMOTE_USER=
    HTTP_USERAGENT=Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/417.9 (KHTML, like Gecko) Safari/417.9.2
    HTTPX_FORWARDED_FOR=
    HTTP_REFERRER=
    HTTPREFERER=http://www.auditmypc.com/
    Name adl*****8
    [/Quote]
    Is there a way (maybe via command terminal) to disable Macintosh computers from displaying information about the kind of operating system that I am using - web browser - IP address and so on without compromising system performance? I am guessing that the best way to disable insecure browsing would be to open the command terminal and use an AppleScript or some type of code that would disable my IP address and everything else from being displayed on websites etc etc. I have tried using Safari's built in private browsing feature but that method is like using an old proxy number, because when I use it, the computer crashes and lags so I am hoping that there is another alternative. Any advice about how to fix this problem would be appreciated.

    Just one more thing. If you are worried about anybody getting access to your computer etc. Make sure you have a router and also turn on the MAC Firewall.
    To turn on firewall protection on your computer:
    Open System Preferences and click Sharing.
    Click Firewall, and then click Start.
    To block incoming traffic on ports used by one of the sharing services, disable that service in the Services pane.
    You can't edit the firewall ports used by built-in services. They are enabled and disabled automatically when you turn the corresponding service on or off in the Services pane.
    If you use iChat Bonjour, iTunes Music Sharing, or iPhoto Bonjour Sharing, make sure to allow those services in and out of your firewall. Turn on their services on the Firewall pane of Sharing preferences.
    You should also block UDP traffic and enable Stealth Mode under advanced settings.
    To set advanced firewall options:
    Open System Preferences and click Sharing.
    Click Firewall, and then click Advanced.
    In addition to the firewall services in Sharing preferences, you can set additional, advanced firewall settings to further protect your computer. The advanced firewall features include:
    Blocking UDP traffic: UDP (User Datagram Protocol) is a communications protocol that offers a limited amount of service when messages are exchanged between computers in a network that uses the Internet Protocol (IP). Like the Transmission Control Protocol, UDP uses the Internet Protocol to actually get a data unit (called a datagram) from one computer to another. Unlike TCP, UDP does not provide the service of dividing a message into packets (datagrams) and reassembling it at the other end. UDP is transaction oriented, and delivery and duplicate protection are not guaranteed. Blocking UDP traffic can help secure your computer.
    Using firewall logging: A firewall log is a record of your computer's activity and the data traffic into and out of your computer through a firewall. Keeping a firewall log can be helpful if you are tracking where the data is coming from and where it is going.
    Stealth mode: When you enable stealth mode, all uninvited data traffic receives no response from your computer. Stealth mode virtually hides your computer behind your firewall, and other computers sending traffic to your computer receive no information about your computer.
    However, as I mentioned before your browser info will always be out there.

  • Hi, Question about secure empty trash. I moved some Time Machine backup files to the trash from an external hard drive. Now I can't secure empty trash. It starts, finds 74,003 files, and does nothing. The external hard drive shows it's empty, but it isn't

    I moved some time machine backup files from an external USB hard drive to the trash. Tried secure empty trash. It counts 74,003 items, then just sits there. The external hard drive window shows it's empty, but the info pane says it only has 50G of memory left. I left the secure empty trash on over night. It did nothing. Ideas?
    Thanks,
    Ron

    Relaunch the Finder, then from the Finder menu bar, select
    Finder ▹ Preferences ▹ Advanced
    and uncheck the box marked Empty Trash securely. Try again to empty the Trash.

  • Question about security in web browsers

    What are the security limitations of an applet in a Web browser? Is there any way to get around them? plz just give me a straight answer, none of this stupid link bs.

    > What are the security limitations of an applet in a
    > Web browser? Is there any way to get around them? plz
    > just give me a straight answer, none of this stupid
    > link bs.
    FAQ - Applet Security
    Java Glossary : signed Applets
    Signed Applets, Browsers, and File Access
    JDK 1.2 - Signed Applet Example
