Revoke Public Execute Permissions on Module Routines

By default, public can execute module routines such as ifx_replace_module, ifx_load_internal, and reload_module. This can allow attackers to force the Informix server to load arbitrary libraries and execute code as the Informix user. To help close this security hole, create a role called Module_Access and grant membership of it only to those users who are required to load modules as a strict business requirement. Then grant this role the execute permission on these routines and revoke the execute permission from public.
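The steps above as Informix SQL, with a catalog check before and after. This is an added example, not code from the book: the user name mod_admin is hypothetical, and the argument list shown for ifx_replace_module is an assumption to be confirmed against the signature the audit query reports.

```sql
-- Run as a DBA in each database where the routines are registered.

-- 1. Audit: which module-loading routines can public execute right now?
--    procauth 'e' = Execute, 'E' = Execute WITH GRANT OPTION.
SELECT p.procname,
       p.owner,
       p.paramtypes::LVARCHAR AS signature,
       a.grantor,
       a.procauth
  FROM sysprocedures p, sysprocauth a
 WHERE a.procid  = p.procid
   AND a.grantee = 'public'
   AND p.procname IN ('ifx_replace_module', 'ifx_load_internal', 'reload_module');

-- 2. Create the role and add only the users who must load modules.
CREATE ROLE Module_Access;
GRANT Module_Access TO mod_admin;   -- hypothetical user name

-- 3. Give the role Execute, then take it away from public.
--    The argument list below is an assumption; use the signature from step 1.
GRANT EXECUTE
   ON ROUTINE ifx_replace_module(VARCHAR(255), VARCHAR(255), VARCHAR(255))
   TO Module_Access;
REVOKE EXECUTE
   ON ROUTINE ifx_replace_module(VARCHAR(255), VARCHAR(255), VARCHAR(255))
 FROM PUBLIC;
-- Issue the same GRANT/REVOKE pair for ifx_load_internal and reload_module,
-- each with the argument list that step 1 reported for it.

-- 4. Verify: list every remaining grantee on the three routines.
--    public should no longer appear; the role should.
SELECT p.procname, a.grantee, a.grantor, a.procauth
  FROM sysprocedures p, sysprocauth a
 WHERE a.procid = p.procid
   AND p.procname IN ('ifx_replace_module', 'ifx_load_internal', 'reload_module')
 ORDER BY p.procname, a.grantee;
```

Members of the role have to enable it in their session with SET ROLE Module_Access before the execute permission takes effect.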



The Database Hacker's Handbook: Defending Database Servers
ISBN: 0764578014
Year: 2003
Pages: 156
