ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

ADMIN security (was: New Clients automatically Administrators

1999-05-24 04:12:00
Subject: ADMIN security (was: New Clients automatically Administrators
From: Thomas.Denier / internet, , Thomas.Denier AT MAIL.TJU DOT EDU
To: ADSM-L / internet, , ADSM-L AT VM.MARIST DOT EDU
Date: Monday, May 24, 1999 8:12PM 
Wanda Prather wrote:
> The problem is that ANY admin id can run QUERIES against the ADSM data base.
>
> That opens up 1 availability issue and 1 real security hole, in my opinion:
>
> 1) An ill-advised SQL query issued by can bring the ADSM server to its
> knees, and
[Discussion of real security hole deleted]

I think the availibity issue is worse than that. In my experience, the phrase
"bring ... to its knees" usually refers to serious performance degradation. I
recently discovered that some SQL queries involving joins can bring all useful
activity on our MVS ADSM server to a standstill until the server task is
cancelled and restarted. Cancellation is an extremely nerve-wracking way of
ending a task with a database. It is pretty much the MVS counterpart of the
Unix command 'kill -9 ...'.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • ADMIN security (was: New Clients automatically Administrators, Thomas . Denier / internet , , Thomas . Denier <=
Previous by Date:  Re: Squishing the unused space out of my ADSM database, Sheelagh Treweek
Next by Date:  Re: Squishing the unused space out of my ADSM database, Brian D Chase
Previous by Thread:  Squishing the unused space out of my ADSM database, Brian D Chase
Next by Thread:  cross-client restore fails ANS1353E, dagnew / internet , , dagnew
Indexes:  [Date] [Thread] [Top] [All Lists]