I think this is similiar to "nfauser", in that it needs a valid
unix account, but not an active account. If that makes sense. The security
would be on the application side. Basically the account would be for use
by the application, but not able to access the system directly.
"Dave Tabor" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
06/09/2005 10:59 AM
Please respond to u2-users
To: <[email protected]>
cc:
Subject: RE: [U2] access via disabled accounts
Yikes!!!
I just tried it in AIX 5.2/UniData v6.1.3 (Locking the account via smit)
and UniObjects [NOT .NET... yet!] was still able to connect and work
perfectly.
Back before starting to use UniObjects, I remember reading something about
UniObjects not logging in like a normal user would log in. I didn't
realize that it meant UniObjecs was 'above the law' in terms of logins.
That's a potentially scary issue!
Thanks, for the heads-up on this!
- Dave
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of gerry-u2ug
Sent: Thursday, June 09, 2005 9:48 AM
To: [email protected]
Subject: [U2] access via disabled accounts
here is something that popped up today.
hpux 11 / uv 10.1.8
I disabled my login account yesterday [ too many fat fingered login
attempts
;-) ] and it has yet to be re-enabled , so I can't login to unix/universe
which is as it should be.
however , I have a dts package setup in sql server to pull a file from
universe into sql server using uniOleDB that is configured to use my login
and
it works !!!
I also have another process that accesses universe via UO.NET again using
my
login and it also has no problem connecting to universe and doing its
thing.
does anyone else see this a major security hole ?
Gerry
-------
u2-users mailing list
[email protected]
To unsubscribe please visit http://listserver.u2ug.org/
-------
u2-users mailing list
[email protected]
To unsubscribe please visit http://listserver.u2ug.org/
-------
u2-users mailing list
[email protected]
To unsubscribe please visit http://listserver.u2ug.org/
