| List: | Cluster | « Previous MessageNext Message » | |
| From: | Len Kranendonk | Date: | January 27 2005 10:00am |
| Subject: | Re: securing ndb_mgmd | ||
| View as plain text | |||
> chown root:root ndb_mgm > chmod ndb_mgm 700 > > Should make access only to root. > > Alex That does not fix the problem. A malicious user can run his own version of ndb_mgm. Also, it seems that there is no check on the source IP address of the ndb_mgm client. I've just installed the ndb_mgm client on a box outside the cluster, and I can connect to the management server and bring down the cluster as a regular user. Len
| Thread | ||
|---|---|---|
| • securing ndb_mgmd | Len Kranendonk | 27 Jan |
| • Re: securing ndb_mgmd | Alex Davies | 27 Jan |
| • Re: securing ndb_mgmd | Len Kranendonk | 27 Jan |
| • Re: securing ndb_mgmd | klaus | 27 Jan |
| • Re: securing ndb_mgmd | Stewart Smith | 28 Jan |
| • Re: securing ndb_mgmd | Tomas Ulin | 8 Feb |
| • Re: securing ndb_mgmd | Len Kranendonk | 8 Feb |