Monitor process security, Configuration backups, Tracing and debugging security – HP Integrity NonStop J-Series User Manual
Page 194
System Management
HP NonStop AutoTMF Software User’s Guide—429952-016
A-20
Configuration Security
On the other hand, damage or destruction of the MapDB will also result in an outage of
the application, so you might want to restrict update access of the MapDB to trusted
users.
Application programs have no need to access the MapDB; the monitor process
provides all the MapDB information required by applications.
Monitor Process Security
The monitor process is an essential part of the application environment. All
applications obtain configuration information from the monitor. If the monitor is not
available, applications cannot run properly and an application outage occurs.
The monitor process is a fault-tolerant process pair. The most likely cause of
unavailability would be the accidental stopping of the process by either the TACL
STOP or the CI STOP MONITOR commands.
To guard against accidental stopping, the process should be started by a trusted user.
All CI commands that might affect the availability of the monitor process, including
STOP MONITOR, have been restricted to the user that started the monitor process or
a member of the SUPER group.
Configuration Backups
Since the configuration is critical to application availability, it is recommended that the
user perform a BACKUP of the NonStop AutoTMF, SysDB, and MapDB subvolumes
on a regular basis.
Tracing and Debugging Security
The tracing facility is a powerful tool than can cause programs to produce a trace of
their Enscribe and TMF operations (including data records accessed) and to enter
Debug/Inspect when the process is started. Users will find this facility useful for
diagnosing suspected application errors, both those that may be due to AutoTMF as
well as ordinary application program errors.
Tracing and debugging can be a significant source of data security exposure, allowing
unauthorized persons to view sensitive data. Such exposure can be prevented using
AutoTMF configuration parameters.
The tracing facility can be invoked in two ways:
A user issues a
command that causes a selected process or processes to
be traced or enter debug. Some other user starting a process may not know that
the process is being traced or debugged.
A user specifies DEFINEs, such as
when
executing the process; in this case, the user has control over tracing and
debugging.