Gord Michaels wrote:
> Thankyou for your response Blaine.
>
> However, this problem should not be happening in the first place. I would
> like to find the root cause of what's going on with Netview.
>
> Any ideas of what could be happening anyone ??
>
> Sincerely,
>
> Gord.
>
> >From: "Owens, Blaine C" <bowens AT EASTMAN DOT COM>
> >Reply-To: Discussion of IBM NetView and POLYCENTER Manager on NetView
> > <NV-L AT UCSBVM.ucsb DOT edu>
> >To: NV-L AT UCSBVM.ucsb DOT edu
> >Subject: Re: Security Problem/Question...
> >Date: Wed, 23 Jun 1999 15:39:01 -0400
> >
> >Are they using the "netview" command to launch? You can have your opers
> >enter "netview -ro" and they should always get a read-only map (whether
> >they
> >are first or not). I set up our operators mouse buttons so they would
> >always
> >launch with the -ro option (via a script), that way I always get the read
> >write map (Greedy me :-))
> >
> >Blaine Owens
> >Eastman Chemical Company
> >Phone - (423)-229-3579
> >Fax - (423)-229-1188
> >bowens AT eastman DOT com
> >
> > > -----Original Message-----
> > > From: Gord Michaels [SMTP:gord_michaels AT HOTMAIL DOT COM]
> > > Sent: Wednesday, June 23, 1999 3:28 PM
> > > To: NV-L AT UCSBVM.ucsb DOT edu
> > > Subject: Security Problem/Question...
> > >
> > > Hello All.
> > >
> > > I am running Netview 5.1, AIX 4.2.1, Framework 3.6.
> > >
> > > In my environment, I use DCE. I have myself set up as a 'SrAdmin' user
> > > within Netview and my Operators under the 'oper' group.
> > >
> > > My Operators log into their AIX account and then Netview (oper group).
> > >
> > > Then, I log into my AIX account (not root, but I have given Map
> >ownership
> > > to
> > > my AIX userid) and then into Netview under SrAdmin.
> > >
> > > Now, after this, I have only read permissions and none of the privilages
> > > which come with SrAdmin (i.e. I cannot unmanage devices, change symbols
> > > names, etc). BUT, MY OPERATORS HAVE READ/WRITE PERMISSION AND HAVE ALL
> >THE
> > > SRADMIN PRIVILAGES !!!
> > >
> > > It seems as if whoever logs into Netview first, get read/write and full
> > > SrAdmin privilages. Whoever logs in after this, gets read only and oper
> > > permissions, regardless of what group they belong to. I have to test
> >this
> > > yet, but from memory, it seems to be what is happening. Regardless, then
> > > end
> > > result is not the way it should be.
> > >
> > > Has anyone ever seen this before ???
> > >
> > > Any help/advice appreciated.
> > >
> > > Gord Michaels.
> > >
> > >
> > >
> > >
> > > ______________________________________________________
> > > Get Your Private, Free Email at http://www.hotmail.com
> >
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
I regret I have no ideas myself, but I want to re-register my concern about the
problems which have been observed with security and NetView 5.1.
Gord, you have not commented on any problems with nvsecd falling over, which is
a known problem with 5.1, but I think is fixed in 5.1.1. Are you running a
script to restart nvsecd every time it falls over, and could this be connected
with the problems you have observed ? Or do you wait until you are unable to
run NetView before restarting nvsecd ? (Or does it never fall over ?) Please
can you clarify this as it may well be relevant.
Is there anyone out there using security with NetView 5.1.1 and are they having
any problems ? A response either way would be appreciated as the problems with
5.1 are not acceptable to our clients. We will upgrade to 5.1.1, but we have
not received it yet (we only gor Framework 3.6 recently).
Thanks
Jon Needes
EDS, Hook, UK
|
