Process agent security considerations
If the process agent is running as a privileged or super user on the host machine, it is possible for a Netcool/OMNIbus Administrator to configure external actions which are then executed on the host system as a privileged user. For example, as the root user (UNIX) or as the Local System User (Windows). This presents a potential security risk. Therefore, the process agent must be run as a non-privileged user.
Note: There are instances when the process agent must be run as a
privileged user. For example, when running the SNMP Probe which needs
to open port 162, and when local file authentication is in use and
the process agent must be able to read the /etc/shadow file to authenticate users (UNIX only).