Manualshelf

HP-UX Workload Manager A.02.03.01 Release Notes for HP-UX 11i V1.0 and HP-UX 11i V2.0

ManualsBrandsHP ManualsSoftwareHP-UX 11i Workload Management (gWLM/WLM) Software
31323334353637383940
HP-UX Workload Manager Release Notes
Security
36
Security
This section highlights security items you should be aware of.
Data collectors
Data collectors invoked by WLM run as root and can pose a security threat. Hewlett-Packard
makes no claims of any kind with regard to the security of data collectors not provided by
Hewlett-Packard. Furthermore, Hewlett-Packard shall not be liable for any security breaches
resulting from the use of said data collectors.
wlmgui and wlmcomd
Here are several security tips for using wlmgui and wlmcomd:
Do not use wlmgui over the Internet. Use wlmgui and wlmcomd only on trusted LANs
where you trust all the users: All data exchanged between wlmcomd and wlmgui, including
the users password, is transmitted without encryption over the network.
Restrict communications between wlmcomd and wlmgui to only authorized users to
improve security.
Relyonly to the extent that you trust your intraneton the monitoring information
from wlmgui to decide on a course of action.
The WLM GUI sends data to wlmcomd over the network without verifying the recipient.
Each connection to wlmcomd represents a separate process on the system. As such, each
connection consumes resources, such as open file descriptors, a process ID, memory, and so
forth. A large number of connections could result in denial of service. You can restrict
connections by deploying wlmcomd on systems behind a firewall that blocks access to the
port being used.