<div>
<div class="content wysiwyg-content">
Hi Experts,<br />
<br />
I have been having an issue with users accessing an Oracle based application within a Citrix enivironment. &nbsp;After much research, i discovered that if I go to the Local Security Settings&gt;User Rights Assignment&gt;Create global objects policy and add those users to that right, the application launches properly and is able to establish a db connection. &nbsp;My question is, what are the ramifications or risks with providing non-admin users this access? &nbsp;Am I opening up my Citrix servers to abuse by giving too much power to these users? &nbsp;I have done some research and cannot find any real substantial case for or against allowing this right other than &quot;only give to right to trusted users&quot;. &nbsp;Any insight would be greatly appreciated.
</div>
</div>


Hi Experts,

I have been having an issue with users accessing an Oracle based application within a Citrix enivironment.  After much research, i discovered that if I go to the Local Security Settings>User Rights Assignment>Create global objects policy and add those users to that right, the application launches properly and is able to establish a db connection.  My question is, what are the ramifications or risks with providing non-admin users this access?  Am I opening up my Citrix servers to abuse by giving too much power to these users?  I have done some research and cannot find any real substantial case for or against allowing this right other than "only give to right to trusted users".  Any insight would be greatly appreciated.

Risks with allowing users 'Create Global Objects' right in Local Policy

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.