Linux security: Authenticate your users and know what they're up to
Aug 1, 2007, 05:30 UTC (Other stories by Jack Loftus)
"Databases are one thing that is often overlooked. DBAs have access to most of the data in there, so IT managers will set them up as if they are in total control of all the data and access privileges. Managers who own all of the data in the IT environment don't have as much knowledge as they should about these databases.
"Another challenge is applications that come bundled with their own internal security. In these cases, how do you know that these applications aren't doing something in such a way that it has more access to data than it needs? For example, I have a program, and that program has to run with root access on Linux and has to be able to log into the database. It will do its own security check. These applications that have their own internal security are becoming very hard for people to say, 'Do I really understand who has access to what in my network?' In these cases, you rely on a vendor to publish schemas and to do their own audits on the applications."