• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Пользователь SYSTEM не заблокирован

Главная Специалистам База уязвимостей Пользователь SYSTEM не заблокирован

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP HANA (SAP HANA)
Описание
SYSTEM is the database superuser. It has irrevocable system privileges, such as the ability to create other
database users, access system tables, and so on. In addition, to ensure that the administration tool SAP HANA
cockpit can be used immediately after database creation, SYSTEM is automatically granted several roles the
first time the cockpit is opened with this user. For more information, see Roles Granted to Database User
SYSTEM. Note however that SYSTEM does not automatically have access to objects created in the SAP HANA
repository.
In a system with multitenant database containers, the SYSTEM user of the system database has additional
privileges for managing tenant databases, for example, creating and dropping databases, changing
configuration (*.ini) files of databases, and performing database-specific data backups.
It is highly recommended that you do not use SYSTEM for day-to-day activities in production systems. Instead,
use it to create database users with the minimum privilege set required for their duties (for example, user
administration, system administration). Then deactivate SYSTEM.
Как исправить
Execute the following statement, for example, in the SQL console of the SAP HANA studio:
ALTER USER SYSTEM DEACTIVATE USER NOW
Ссылки
Sap Hana Security Guide 6.4 Deactivate the SYSTEM User page 72