电子邮件、远程登录和超级用户特权都需要密码,这些密码最好各不相同而且难以通过自动化攻击猜测或推断出来。
To wit, e-mail, remote login, and superuser privileges all require a password—preferably disparate and each difficult to guess or derive using an automated attack.
这使set-user-ID(非根)程序能够放弃它的所有用户特权,执行一些非特权操作,然后恢复原来的有效用户ID。
This allows a set-user-ID (other than root) program to drop all of its user privileges, do some un-privileged work, and then re-engage the original effective user ID in a secure manner.
在方案集成过程中,您需要一直记住的一个安全性规则就是,不同的用户角色拥有其相应的特权设置。
During the solution integration, one security rule you need keep in mind is to be certain that different user roles have their corresponding privilege sets.
受信任上下文是一个对象,它为用户提供一组特定的特权,当用户通过一个受信任的连接连接到数据库时,便可以使用它。
A trusted context is an object that gives users a specific set of privileges and is available when the user connects to the database through a trusted connection.
这违背了最小特权原则,这是一个基本的安全设计原则,该原则建议只授予用户足够执行其任务的权利。
This violates the principle of Least privilege, which is a basic security design principle that recommends that users should only be granted enough privileges to perform their tasks.
模式具有相关联的特权,使模式所有者能够控制哪些用户有权在这个模式中创建、修改和删除对象。
Schemas have privileges associated with them, allowing the schema owner to control which users have the privilege to create, alter, and drop objects in the schema.
PUBLIC实际上并不是外部安全设施中定义的一个组,而是一种向成功经过身份验证的用户分配特权的方式。
PUBLIC is not actually a group defined in the external security facility, but is rather a way to assign privileges to any user who successfully authenticates.
任何操作系统用户都有可能访问DB2;但是,除非他们被授予给定的DB 2权限或特权,否则他们能做的事情不多。
Any operating system user can potentially access DB2; however, unless they have been granted a given DB2 authority or privilege, there is not much they can do.
他们可以创建和删除用户,项目以及管理储存库所涉及的一切操作,另外他们还有项目管理员的特权。
They can create and delete users, projects, and everything else permitted in management of a repository, plus they have the privileges given to the project administrators.
探测器在操作系统内核级上监视所有数据库事务,包括特权用户的事务,而不依赖于数据库审计日志。
The probes monitor all database transactions, including those of privileged users, at the operating system kernel level without relying on database audit logs.
黑客可以伪装成具有管理控制权的高特权用户,控制虚拟机,然后在虚拟化系统管理程序上执行恶意程序。
A hacker can become a highly privileged user with administrative controls and get out of a virtual machine and then execute malicious programs on the hypervisor.
这使模式所有者能够控制哪些用户有权在这个模式中创建、修改和删除对象(CREATEIN、ALTERIN、DROPIN特权)。
This allows the schema owner to control which users have the privilege to create, alter, and drop objects in the schema (CREATEIN, ALTERIN, DROPIN privilege).
用于访问外部表的权限由IDS通过外部表上的用户访问特权治理,还受到由操作系统管理的数据文件权限的治理。
The permissions used to access external tables is governed by the user access privileges on the external table by IDS as well as the data file permissions managed by the operating system.
关于能够授予用户和组的各种数据库对象特权的详细信息,请参阅DB 2 UDb文当(参见参考资料)。
For detailed information about all the various database object privileges that can be granted to users and groups, refer to the DB2 UDB documentation (see Resources).
例如,黑客可以伪装成具有管理访问权的特权用户进入系统并执行恶意操作,而真正的系统管理员不会马上注意到。
For example, a hacker can enter in the guise of a privileged user with administrative access controls and perform malicious activities that a legitimate system administrator did not initially notice.
正如我们期望的一样,这个程序会接收到一个SIGILL(信号编号为4)信号,其si代码为5,这是在用户空间的程序执行特权操作时产生的。
As expected, the program has received a SIGILL (signal number 4) with an si code of 5, which is set when a privileged opcode is executed by a user-space program.
回想一下内核模式表示代码执行的特权模式,而用户模式则表示非特权模式(用于那些运行在内核之外的程序)。
Recall that kernel mode represents the privileged mode for code execution, while user mode represents the non-privileged mode (for programs running outside the kernel).
在清单3中,可以看出用户EMMA具有表table1上的CONTROL特权,以及所有其他可用的表特权,包括将这些特权授予其他人的能力。
In Listing 3, you see that the user EMMA has CONTROL privilege on the table TABLE1 as well as all the other available table privileges, including the ability to grant those privileges to other users.
尽管大部分Linux主机都进行了设置以允许任何用户都可以启动vncserver,但是您很可能会需要root特权来有效地使用stunnel。
While most Linux hosts are set up so that any user can launch vncserver, it's very likely that you'll need root privileges to use stunnel effectively.
snrdba组中的所有用户都将拥有和SYSADM授权级别关联的全部特权,从而能够执行授权级别所需要的全部管理任务。
All users in the snrdba group would then have all the privileges associated with the SYSADM authority level and thus be able to perform all administrative tasks requiring that authority level.
在本文中,我们回顾了DB 2UDB中定义的各种权限级别和特权,以及如何使用命令行语法和ControlCenter将它们分配给用户。
In this article, we have reviewed the different authority levels and privileges defined in DB2 UDB and how they can be assigned to users using command line syntax and the Control Center.
通过点击适当特权的下拉框并选择Yes、No或Grant,从而指定应该向用户或组授予哪些特权。
You can specify which privileges should be granted to the user or group by clicking on the drop-down box for each privilege and selecting either Yes, No, or grant.
例如,需要个别的root特权的程序可能以root身份启动(比如说,通过成为setuid root)然后切换到以较少特权用户身份运行。
For example, a program that needs a single root privilege may get started as root (say, by being setuid root) and then switch to running as a less-privileged user.
TivoliSecurityPolicyManager——提供针对用户、用户信息联合和特权管理的统一管理点。
Tivoli Security Policy Manager - Provides a uniform point of administration of users, federation of user information, and privilege management.
Linux系统如此安全的一部分原因就是只有root用户才能拥有安装、卸载软件和其他重大改变的特权。
Part of the reason Linux is so secure is that only the root user has the privileges needed to install or remove applications and make other big changes.
例如,如果SECADM需要修改NewYork分公司的特权,那么她可以修改角色的定义,而不必为所有用户重复该过程。
For example, if the SECADM needs to alter the privileges for the branch in New York, she can alter the definition for the role without having to replicate the process for all users.
查找现有用户和组,以及用于对特权执行Grantall、Allow all或Revoke all操作的选项按钮也都受支持,可以方便地使用。
Look-up for existing users and groups as well as option buttons that perform actions to Grant all, Allow all, or Revoke all privileges are also provided for ease of use.
只要没有其他更新wells_pts的方法(即,必须从所有其他用户那里撤消修改这个表的特权),那么引用完整性就是有保证的。
As long as there is no other way to update wells_pts (that is, you must revoke privileges from all other users), referential integrity is guaranteed.
管理员需要编辑xa_config文件,将特权授予使用SybaseLRM的用户,并为分布式事务管理配置服务器。
The administrator needs to edit the xa_config file, grant privileges to the user for use of the Sybase LRM, and configure the server for distributed transaction management.
系统内核所使用的内存空间通过特权码(privileged code,2级或者更低)来标记,以防止用户模式的程序访问到内核空间而发生页面错误。
Kernel space is flagged in the page tables as exclusive to privileged code (ring 2 or lower), hence a page fault is triggered if user-mode programs try to touch it.
应用推荐