ADMIN security (was: New Clients automatically Administrators
1999-05-24 04:12:00
Wanda Prather wrote:
> The problem is that ANY admin id can run QUERIES against the ADSM data base.
>
> That opens up 1 availability issue and 1 real security hole, in my opinion:
>
> 1) An ill-advised SQL query issued by can bring the ADSM server to its
> knees, and
[Discussion of real security hole deleted]
I think the availibity issue is worse than that. In my experience, the phrase
"bring ... to its knees" usually refers to serious performance degradation. I
recently discovered that some SQL queries involving joins can bring all useful
activity on our MVS ADSM server to a standstill until the server task is
cancelled and restarted. Cancellation is an extremely nerve-wracking way of
ending a task with a database. It is pretty much the MVS counterpart of the
Unix command 'kill -9 ...'.
|
<Prev in Thread] |
Current Thread |
[Next in Thread> |
- ADMIN security (was: New Clients automatically Administrators,
Thomas . Denier / internet , , Thomas . Denier <=
|
|
|