yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
6d6608a45debccc04d375197645841881348d290
doc-exports/docs/dws/dev/dws_04_0109.html
luhuayi 177cd61a57 DWS DEVG 910.211 version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: luhuayi <luhuayi@huawei.com>
Co-committed-by: luhuayi <luhuayi@huawei.com>
2025-05-05 07:44:03 +00:00

3.4 KiB
Raw Blame History

USER Object Design

Rule 2.5: Following the Least Privilege Principle and Avoiding Running Services Using Users with Special Permissions

Impact of rule violation:

  • Administrators have full access to a lot of things in the system and using these users to run services can pose security and control risks.

Solution:

  • It is advised to use common users for service running, reserving users with special permissions for management operations.

Rule 2.6: Avoiding the Use of a Single Database Account for All Services

Impact of rule violation:

  • Using a single database user for all services hinders effective service management and control. In abnormal situations, it becomes impossible to isolate specific users for emergency purposes.

Solution:

  • Create administrators, service operation users, and O&M users for different purposes.
  • Use different users to run different services for improved management and allocation of services and resources.