Dataservers Run as Root

Dataservers Run as Root

Post by Neil Lun » Fri, 23 Jun 2000 04:00:00

Back to the security subject close to my heart. We have a vendor who have
installed themselves a login and changed the uid to 0 (root). All
dataservers run under this login.

Apart from the fact that this effectively gives them a root login on the
machine, which I really object to, I also take issue with running a database
as the root user.

With several major DBMS this is an absolute no no. Most will not even

I have noticed with a progress database running as a user who is not root,
that when something critical happens on the machine (ie out of memory) the
database shuts down quietly and safely. The converse side is that when
running as root in such a situation it will just keep going and going and

My opinion bluntly is that the database should not be run as root. Does
anyone have other information to support this?



1. Migrate from Progress dataserver to Oracle dataserver

We are a software company who wrote 10 products with progress
release 6 and 7.

For a big customer we need to use the Oracle dataserver and
migrate the application to this server.

When I read progress books about Oracle dataserver I don't
understand if they are problems.

Is it a matter ? Is it time ?


2. Again: Using a variable column name..

3. Running dataserver as an inetd service

4. SQL doclet

5. Running two sybase dataserver instances

6. Client Library for Solaris on Intel ?

7. Running dataserver suid on AIX

8. US-OH-Columbus Customer Support, UNIX/C, TCP/IP, IBM 3270, SNA, SDLC, Oracle (1144-1657)

9. kill -9 fails for Sybase 10.0.2 dataserver running on Solaris 2.3

10. Problem with Running script

11. running - a security risk?

12. running server manager from root

13. Problem running Sybperl scripts as root user