System security

The most important aspect of system security is control of physical access to the system. Netezza Performance Server systems are typically installed in secure data centers to ensure that physical access is restricted to permitted users.

Database security, including Multi-Level Security, depends on access through the database interfaces. Access to the Linux® host other than through Netezza Performance Server-supplied client software is discouraged. Carefully control and manage access. Any process which is not installed and qualified by Netezza Performance Server and running as root or as nz can cause denial of service and gain access to data without database access controls.

User-defined functions (UDFs) and user-defined aggregates (UDAs) run from within the Netezza Performance Server security domain and might gain access to data without database access controls. Carefully control the UDFs and UDAs that are installed on the system.

Using the Netezza Performance Server host for purposes other than running the Netezza Performance Server database software is a security issue, and can create denial-of-service situations. For example, filling the host disks with non-Netezza Performance Server data can stop audit logging and therefore stop activity on the system. Creating demand on the processors, memory, or disk subsystem can all interfere with provision of database services.

The admin user is the super user in the Netezza Performance Server system database. It is necessary to have such a user for initial configuration and to manage configuration and security problems. However, the admin user can control all users and see all data – if not directly, then by the ability to create objects that allow such access. Do not use the admin user login in normal operations. Give explicit privileges to other user identities for the management of the system and conduct DBA and operations tasks on the system.

For example, to control the Multi-Level Security model and create users, create a Netezza Performance Server database user account for a Database Security Officer (DSO) with only certain privileges, as in the following example. (For more information, see Examples.)

SYSTEM.ADMIN(ADMIN)=> CREATE USER dso;
CREATE USER
SYSTEM.ADMIN(ADMIN)=> GRANT MANAGE SECURITY TO dso;
GRANT
SYSTEM.ADMIN(ADMIN)=> GRANT USER TO dso;
GRANT