https://community.esri.com/t5/data-management-questions/arcsde-security-st-geometry-extproc-listener/m-p/685143#M38860 <HTML><HEAD></HEAD><BODY><SPAN>At ArcSDE 9.3.1 for Oracle I didn't like what I saw regarding out of the box security for ArcSDE:</SPAN><BR /><STRONG>"Harden" ArcSDE repository on Oracle: do not grant privileges to PUBLIC role unnecessarily</STRONG><BR /><A href="http://ideas.arcgis.com/ideaView?id=087300000008HY6AAM">http://ideas.arcgis.com/ideaView?id=087300000008HY6AAM</A><BR /><BR /><SPAN>Unless I'm mistaken, the SDE schema / ArcSDE repository violates all three basic principles of security: </SPAN><STRONG>C</STRONG><SPAN>onfidentiality, </SPAN><STRONG>I</STRONG><SPAN>ntegrity, and </SPAN><STRONG>A</STRONG><SPAN>vailability as described in the Idea link above. There's a KB article out there somewhere saying how to manually harden the SDE repository and that's welcome. But it should probably be a bit more front and center in the install documentation--e.g. if this has not been done already, linked to the KB article from the install docs please. It may not occur to someone up front to harden the SDE repository. </SPAN><BR /><BR /><SPAN>The vast majority of security exploits are evidently caused by misconfiguration according to Cloud Security expert Steve Riley (during his spectacular </SPAN><A href="http://www.esri.com/events/devsummit/videos/video3.html">2012 DevSummit Keynote--view it online</A><SPAN>). Presuming that's true, it might be nice to alert folks up front what countermeasures they might take. Rather than learn what ought to have been done up front post-breach... </SPAN><BR /><BR /><STRONG>ArcSDE Security Improvements at 10.1?</STRONG><BR /><SPAN>I've not looked at privileges granted at ArcSDE 10 to see if there's been improvement. Hoping such is the case at ArcSDE 10.1 Final. While I understand hardening the SDE schema requires a bit more work up front (e.g. revoking grants from PUBLIC and granting to data owners, etc per the KB article), it's an investment worth considering.</SPAN><BR /><BR /><STRONG>Security Issues With EXTPROC Oracle Listener for ST_GEOMETRY Spatial SQL Functions? </STRONG><BR /><SPAN>Someone added a comment to the Idea entry above questioning the use of EXTPROC, e.g. presumably the listener for ST_GEOMETRY spatial SQL functions. The only best practice I know of, one mentioned in Esri documentation and one we've implemented, is to create a second, less privileged user to run a second, dedicated Oracle listener for ST_GEOMETRY. Are there ways to harden this further? What are the issues if any? No system is 100% secure unless it's unplugged. But what other due diligence, relatively low effort / low cost items can ArcSDE admins perform to ensure ArcSDE is more secure than what one gets out of the box?</SPAN></BODY></HTML> Sat, 14 Apr 2012 08:08:19 GMT danan 2012-04-14T08:08:19Z https://community.esri.com/t5/data-management-questions/arcsde-security-st-geometry-extproc-listener/m-p/685143#M38860 <HTML><HEAD></HEAD><BODY><SPAN>At ArcSDE 9.3.1 for Oracle I didn't like what I saw regarding out of the box security for ArcSDE:</SPAN><BR /><STRONG>"Harden" ArcSDE repository on Oracle: do not grant privileges to PUBLIC role unnecessarily</STRONG><BR /><A href="http://ideas.arcgis.com/ideaView?id=087300000008HY6AAM">http://ideas.arcgis.com/ideaView?id=087300000008HY6AAM</A><BR /><BR /><SPAN>Unless I'm mistaken, the SDE schema / ArcSDE repository violates all three basic principles of security: </SPAN><STRONG>C</STRONG><SPAN>onfidentiality, </SPAN><STRONG>I</STRONG><SPAN>ntegrity, and </SPAN><STRONG>A</STRONG><SPAN>vailability as described in the Idea link above. There's a KB article out there somewhere saying how to manually harden the SDE repository and that's welcome. But it should probably be a bit more front and center in the install documentation--e.g. if this has not been done already, linked to the KB article from the install docs please. It may not occur to someone up front to harden the SDE repository. </SPAN><BR /><BR /><SPAN>The vast majority of security exploits are evidently caused by misconfiguration according to Cloud Security expert Steve Riley (during his spectacular </SPAN><A href="http://www.esri.com/events/devsummit/videos/video3.html">2012 DevSummit Keynote--view it online</A><SPAN>). Presuming that's true, it might be nice to alert folks up front what countermeasures they might take. Rather than learn what ought to have been done up front post-breach... </SPAN><BR /><BR /><STRONG>ArcSDE Security Improvements at 10.1?</STRONG><BR /><SPAN>I've not looked at privileges granted at ArcSDE 10 to see if there's been improvement. Hoping such is the case at ArcSDE 10.1 Final. While I understand hardening the SDE schema requires a bit more work up front (e.g. revoking grants from PUBLIC and granting to data owners, etc per the KB article), it's an investment worth considering.</SPAN><BR /><BR /><STRONG>Security Issues With EXTPROC Oracle Listener for ST_GEOMETRY Spatial SQL Functions? </STRONG><BR /><SPAN>Someone added a comment to the Idea entry above questioning the use of EXTPROC, e.g. presumably the listener for ST_GEOMETRY spatial SQL functions. The only best practice I know of, one mentioned in Esri documentation and one we've implemented, is to create a second, less privileged user to run a second, dedicated Oracle listener for ST_GEOMETRY. Are there ways to harden this further? What are the issues if any? No system is 100% secure unless it's unplugged. But what other due diligence, relatively low effort / low cost items can ArcSDE admins perform to ensure ArcSDE is more secure than what one gets out of the box?</SPAN></BODY></HTML> Sat, 14 Apr 2012 08:08:19 GMT https://community.esri.com/t5/data-management-questions/arcsde-security-st-geometry-extproc-listener/m-p/685143#M38860 danan 2012-04-14T08:08:19Z