Specify a SOLVE service user with privileges appropriate for the commands that are issued through the Linux agent.
Business Value:
Ensuring that the user under which the agent runs does not have higher privileges than needed helps to preserve the integrity of the Linux system.
Additional Considerations:
By default, the SOLVE service user is root. You can specify a user of lower privileges if you find them appropriate for the commands (for example, ps -a and uname -a). After the agent is active for a period, review the commands that are issued through the agent to determine the appropriate privileges. Specify a user with those privileges in the xinetd SOLVE service.
Note: SOLVE is a service name that is registered with Internet Assigned Numbers Authority (IANA) for Port 2636.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|