Consultor Eletrônico



Kbase P94213: How to prevent a remote user from shutting down the database?
Author: Progress Software Corporation - Progress
Access: Public
Published: 28/06/2010
Status: Verified

GOAL:

How to disallow a database from being shut down remotely?

GOAL:

What is the normtshutdown parameter used for?

GOAL:

How to prevent a remote user from shutting down the database?

GOAL:

New startup parameter to disallow remote database shutdown requests.

FACT(s) (Environment):

Progress 9.1E01 Service Pack
OpenEdge 10.0B02
OpenEdge 10.1x
OpenEdge 10.2x

CAUSE:

Bug# OE00109196

FIX:

The ability to shut a Progress database down remotely has been in our product since version 7. Prior to Progress Service Pack 9.1E01 it is not possible to prevent a remote user from shutting down a Progress database. If the port is open, and the user has access to the machine and is "smart enough" to know the port and hostname that the database is started under, they will be able to shut your database down remotely:
proshut -db dbname -H hostname -S port -by
In essence, if a user has access and knows what to do, they can.

Progress Service Pack 9.1E01 introduces a new startup parameter that causes the database broker to disallow remote database shutdown requests.
Database startup scripts that do not include the new parameter will continue to function as originally intended.
The new parameter is -normtshutdown (for "no remote shutdown") and it must be specified when the database is initially started using PROSERVE or _mprosrv as follows:
PROSERVE database -S 6956 -normtshutdown

When a remote shutdown is attempted using the following command:
PROSHUT database -S 6965 -by
The error message below is displayed and the shutdown request is denied:
Shutdown request denied because you are an invalid user, remote shutdown is not allowed, or the database is enabled for Failover Clusters, (12566)

The code used to disallow remote shutdowns when the argument is specified is also used to disallow remote shutdowns for cluster-enabled databases at all times.

If a remote shutdown request is made from an older version of Progress the shutdown request is denied, but a different error message is displayed:
Shutdown request denied; you do not have the correct user ID. (547)


These changes do not disallow remote shutdown by the AdminServer, that is, using a local AdminServer with Progress Explorer or OpenEdge Explorer running remotely or issuing DBMAN from a remote command-line session.
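
Because startup scripts that omit the parameter keep working unchanged, a broker left without it is easy to miss. The following is an added example, not Progress code: a shell function (the name audit_normtshutdown and the OK/MISSING/CHECKPF labels are hypothetical) that scans startup scripts for PROSERVE or _mprosrv lines that specify -S but not -normtshutdown. It assumes the database name is the first non-option argument or follows -db, and that a broker started without -S is not reachable over the network.

```shell
#!/bin/sh
# Added example (not Progress code): audit broker start lines for -normtshutdown.
# Assumptions: the database name is the first non-option argument or follows
# -db, and a broker started without -S is not reachable over the network.
# Output, one line per PROSERVE/_mprosrv invocation that needs a verdict:
#   OK      <file>:<line> <db>  -normtshutdown is on the command line
#   MISSING <file>:<line> <db>  -S is given but -normtshutdown is not
#   CHECKPF <file>:<line> <db>  parameters come from a -pf file; inspect it
audit_normtshutdown() {
    awk '
    # Join backslash-continued lines so a wrapped command is one record.
    /\\$/ { sub(/\\$/, " "); buf = buf $0; if (!start) start = FNR; next }
    {
        line = buf $0; at = (start ? start : FNR); buf = ""; start = 0
        sub(/^[ \t]+/, "", line)
        if (line ~ /^#/) next                     # shell comment
        n = split(line, tok, /[ \t]+/)
        cmd = 0; db = ""; net = 0; guard = 0; pf = 0
        for (i = 1; i <= n; i++) {
            t = tok[i]
            if (!cmd) {
                # Command name: any case, with or without a leading path.
                if (tolower(t) ~ /(^|\/)(proserve|_mprosrv)$/) cmd = 1
                continue
            }
            if (t == "-S") { net = 1; i++ }       # option value is skipped
            else if (t == "-pf") { pf = 1; i++ }
            else if (t == "-db") db = tok[++i]
            else if (t == "-normtshutdown") guard = 1
            else if (db == "" && t !~ /^-/) db = t
        }
        if (!cmd) next
        if (guard) status = "OK"
        else if (pf) status = "CHECKPF"
        else if (net) status = "MISSING"
        else next                                 # no -S: local-only broker
        printf "%s %s:%d %s\n", status, FILENAME, at, db
    }' "$@"
}

# Run against the files named on the command line, if any.
if [ "$#" -gt 0 ]; then audit_normtshutdown "$@"; fi
```

Every MISSING line is a broker that will accept a PROSHUT request from the network; CHECKPF lines need the referenced parameter file read by hand.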