Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
The default permissions granted to the database users appear to be higher than necessary. The user for the audit log 'xalogger' has full access to all tables in all databases, even ones not related to xasecure. This could raise concerns in a shared environment.
Permissions should be restricted to only allow what is required. xalogger user should have only insert privileges in only xa_access_audit table. xaadmin user need select privilege on xa_access_audit table. xaadmin user should have privileges only on xasecure and xasecure_audit databases.