Chris Seary's blog :: Main Page

This Month

Month Archive

June 2008
April 2008
March 2008
February 2008
October 2007

Main Page

« February 20 | April 01 »

Tuesday, March 11

Excess privilege

by chris on Tue 11 Mar 2008 02:36 PM PDT

I had to laugh. I've worked on a Unix based application recently. The service account is also granted access to log on to the application. Production support is also performed using this account.

Apparently, I've been told, this is fine. It's on a Unix server. Unix is secure.

Look, you can make any OS insecure if you want. And these guys really have tried......

It's important to segregate the accounts. That service account will have a high level of access to the database. The production support person, using that account, can now read and write to the database containing production data. What if you were a bank and this was a trading system? You've just blown all your legal and compliance responsibilities!

The service account should only be used for the application to run.

Create another account with access to the files for support.

Don't let someone log on to the application with this account.

This is called least privilege. Doesn't matter whether it's Unix, Windows or xyz operating system, the principle is absolute.

Leave Comment | Permanent Link | Cosmos

Useful Links

Microsoft Security Developer Centre

Developer Dave

Charteris White Papers

Next Generation User Group