Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Linux security: Authenticate your users and know what they're up to

Aug 01, 2007, 05:30 (0 Talkback[s])
(Other stories by Jack Loftus)

[ Thanks to Peter Parker for this link. ]

"Databases are one thing that is often overlooked. DBAs have access to most of the data in there, so IT managers will set them up as if they are in total control of all the data and access privileges. Managers who own all of the data in the IT environment don't have as much knowledge as they should about these databases.

"Another challenge is applications that come bundled with their own internal security. In these cases, how do you know that these applications aren't doing something in such a way that it has more access to data than it needs? For example, I have a program, and that program has to run with root access on Linux and has to be able to log into the database. It will do its own security check. These applications that have their own internal security are becoming very hard for people to say, "Do I really understand who has access to what in my network?" In these cases, you rely on a vendor to publish schemas and to do their own audits on the applications.""

Complete Story

Related Stories: