Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP HANA SSFS key storage access rights

Go to solution
Former Member

‎08-24-2015 3:30 PM

0 Kudos

Hi Everyone,

I have a little question about the SSFS master key storage and access rights related to it.

The file:

/usr/sap/<SID>/SYS/global/security/rsecssfs/key/SSFS_<SID>.KEY

Should contain the master key used to decrypt the keys that are used to encrypt the data handled by the SAP HANA. (or at least i think so, so please correct me if I am wrong).

I am wondering why is this file accessible for "others" (read and execute) in the system that I am currently checking. Is this a security risk for the system? I cant find any good reason to have this file accessible for "others" as the whole SAP is running under <SID>adm.

Thanks for any clarifications

Much appreciated

Martin    

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎08-25-2015 9:30 AM

0 Kudos

Hi Martin,

Check the note 1639578 - SSFS as password store for primary database connect, it has mentioned to change the permissions after the SSFS config.

Regards,

Raja. G

1 REPLY 1

Go to solution
Former Member

‎08-25-2015 9:30 AM

0 Kudos

Hi Martin,

Check the note 1639578 - SSFS as password store for primary database connect, it has mentioned to change the permissions after the SSFS config.

Regards,

Raja. G