The data of a database is stored in the file system. There are several operating system users that have extensive authorizations for accessing database resources using operating system commands.
Name |
Type |
Authorizations |
---|---|---|
SDB Operators |
Group |
Access to the following resources:
Permissions for the following administration tasks (among others):
|
<SID>ADM |
User |
|
SQD<SID> |
User |
Obsolete Not for SAP liveCache databases Owner of all database resources |
Name |
System Default Value |
Type |
Authorizations |
---|---|---|---|
<sdb_user> |
sdb |
User |
Owner of all database resources |
<sdba_group> |
sdba |
Group |
|
Support group |
sdb<database_name> |
Group |
Optional; support tasks |
root |
root |
User |
A SetUID root program is only required for a user change to <sdb_user>. |
<os_user> |
- |
User |
|
<sid>adm |
- |
User |
|
sqd<sid> |
- |
User |
Obsolete Not for SAP liveCache databases Owner of all database resources |
Unauthorized access to protected database resources using external user data
A normal operating system user learns the password of a privileged operating system user and accesses protected database resources using operating system commands.
Access to unprotected database resources
A person uses operating system commands to access database resources not protected by restrictions at the operating system level.
Access to database data in the web browser's cache
A person uses operating system commands to access database data on the hard disk that was saved in the cache of the web browser by an authorized database user who worked with Web SQL.
Database Administration, Special Operating System Users and Groups