We help IT Professionals succeed at work.

Sybase - Extended Stored Procedures/XP SREVER..

1harsha
1harsha asked
on
2,730 Views
Last Modified: 2012-05-04
Sybase Extended Stored Procedure -UNIX Privilages:
When writing/executing the 'C' code for creating a custom ESP, do I need to use user 'sybase' (with extensive unix privilages)?

If no, do we need user 'sybase' during the FIRST start of the XP SERVER.
 
Does the security context settings associated with xp_cmdshell(system supplied ESP) pertain to that one ESP or does it affect the user created ones too?
Pls. help me as I dont seem to get any info. which answers my question from SYBASE site.
Comment
Watch Question

Commented:
Well, AFAIK the XP server runs under same OS account as the associated dataserver (sybase user by default) so you need that account to have the ASE up and running.
The xp_cmdshell gives you permissions of this user so you should prevent ordinary users from using it (so they cannot execute OS commands on server with permissions of sybase user).
The "xp_cmdshell context" config parameter prevents this and works ONLY with the xp_cmdshell. Permissions to other ESP can be granted/revoked as with normal stored procedures.

Author

Commented:
Let me explain my prob. in detail.
I am a developer, trying to Use ESP's for replication.
Our DBA's dont like the idea of someone using 'SYBASE' user permissions.
-------------------
Assume
1.The ASE is up and running(DBA's job).
2.The DBA runs a system ESP(I dont care which one) to start the xp_server. OK, now the ASE & xp_server is  up and running.

Now for the questions
1.When I try to run a custom ESP would it have to run under the security context of the xp_server that is(user 'sybase')?
IF so,
IS there no way I could restrict permisisons (unix shell) of this custom ESP so that the DBA's would be pleased.?

By the way are you a DBA?
Real 'nice'(*^@$#@$) guys these DBA's.  
just kidding ....


















Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
OK, now you earned your points.
Thanks for the help.

Author

Commented:
Jkotek:
This is a 'solved case':
I think if you read thru it you will notice that no matter what you need super user privilages. This round about fashion and stupid f*&**% approach that
SYBASE has leaves me with one option wait for a day when I can switch to UDB or Oracle.
No wonder the Share prive nor the market share ever goes up.

Case ID: 10376300 Product: Adaptive Server Enterprise
Open Date: 03/27/1998 12:37:58 OS: HP-UX 10.20
Version/EBF: 1150 Generic Platform: HP 9000/800 Generic
Problem Description:
xp server xp_cmdshell error -  user access denied Failed to change the user context when you executed xp_cmdshell 'ls' from isql using a server  login that matched your unix login and sp_configure ' xp_cmdshell context ' set to 1
 
Tip or Workaround:
 
Resolution:
The unix user id, for example sybase, must have super-user root privilege so that the unix user id with the same ASE userid can execute xp_cmdshell with their unix user account's privileges and with sp_configure " xp_cmdshell context " set to 1
 
Other Sources Related to Issue(Type - Location):
TechNote -  
TechNote -

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.