BEA Logo BEA Tuxedo Release 8.0

  BEA Home  |  Events  |  Solutions  |  Partners  |  Products  |  Services  |  Download  |  Developer Center  |  WebSUPPORT

   http://www.oracle.com/technology/documentation/index.html   |   Site Map   |   Search   |   PDF Files   |   Contact   |   Glossary

 

   Tuxedo Documentation   |   Setting Up a BEA Tuxedo Application   |   Local Topics   |   Previous Topic   |   Next Topic   |   Contents

 

Establishing Operating System-level Security

You can restrict access to BEA Tuxedo administrative functions to authorized administrators only, by setting three parameters: UID, GID, and PERM.

The defaults of UID and GID are the user ID and group ID, respectively, of the person who runs the tmloadcf(1) command on the configuration, unless overriding values have been specified in the MACHINES section.

Characteristics of the UID, GID, and PERM Parameters
 
 
 
 
 
 
 

Parameter

Characteristics

UID

The user ID of the administrator. The value is a numeric string corresponding to the UNIX system user ID of the person who boots and shuts down the system.

The default is the user ID of the person who runs tmloadcf(1).

Example: UID=3002

Note: On Windows 2000, this value must be set to 0.

GID

The numeric group ID of the administrator.

The default is the group ID of the person who runs tmloadcf(1).

Example: GID=100

Note: On Windows 2000, this value must be set to 0.

PERM

The value is an octal number that specifies permissions for the IPC resources created when the application is booted. This parameter provides the first level of defense of the BEA Tuxedo system IPC structures against unauthorized access. These values should be specified for production applications.

The default is 0666, which gives read/write access to all.

Example: PERM=0660

 

Note: You can overwrite the values assigned to these parameters for remote machines. The user and group IDs on a remote machine are not required to be the same as the user and group IDs on the MASTER machine. You can override the defaults by specifying different user and group IDs in the MACHINES section of the configuration file. If not specified, values specified in the RESOURCES section are used.

 

back to top previous page next page

 

Copyright © 2001 BEA Systems, Inc. All rights reserved.
Required browser: Netscape 4.0 or higher, or Microsoft Internet Explorer 4.0 or higher.