Hi Everyone,
I have a little question about the SSFS master key storage and access rights related to it.
The file:
/usr/sap/<SID>/SYS/global/security/rsecssfs/key/SSFS_<SID>.KEY
Should contain the master key used to decrypt the keys that are used to encrypt the data handled by the SAP HANA. (or at least i think so, so please correct me if I am wrong).
I am wondering why is this file accessible for "others" (read and execute) in the system that I am currently checking. Is this a security risk for the system? I cant find any good reason to have this file accessible for "others" as the whole SAP is running under <SID>adm.
Thanks for any clarifications
Much appreciated
Martin