Revoke Public Execute Permissions on Module Routines

By default, public can execute the module functions such as ifx_replace_module, ifx_load_internal, and reload_module. This can allow attackers to force the Informix server to load arbitrary libraries and execute code as the Informix user. To help resolve this security hole, create a role called ModuleAccess and assign only those users that are required to load modules, as a strict business requirement, membership of this role. Then assign this role the execute permission on these routines and revoke the execute permission from public.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.144.21.190