/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
- The data files of the hdbuserstore on Linux/Unix are sometimes (depending on the installer) world-readable (file permissions644, -rw-r--r--).
Affected files are "SSFS_HDB.DAT" and "SSFS_HDB.KEY".
By default these files are protected by the directory privileges which are set to 700 (drwx------).
That means, only the owner of the directory can access theses files – independent of the broader file permission. - Depending on installers, system configuration, and directory permissions, the directory and the files may get world-readable.
That means a local user on the operating system could use the data files content and gain unauthorized access to the HANA DB.
Read more...
Environment
- hdbuserstore
- SQL client
Product
SAP HANA 1.0, platform edition
Keywords
security, hdbclient, SQLclient, userstore, password, SSFS_HDB.KEY, SSFS_HDB.DAT , KBA , HAN-DB-CLI , SAP HANA Clients (JDBC, ODBC) , HAN-DB , SAP HANA Database , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)