Security Issue: Auditlog - Attempt to access a protected global
I would like to report about a security issue, that engages us for some time meanwhile.
We configured a restricted user to read data from a csp page to feed our nagios server with information about configuration items we would like to have an eye upon. The configuration of this user is the same in our production and in our development environment. The called method mainly reads data from lookup tables by sql queries and writes data to a temporary table, which is deleted in the begining.
The weird thing is, that both on DEV an PROD the script terminates without any obvious error, the result is returned to and evaluated by nagios, but on our production machine we observe errors in the audit log, which complain an attempt to access a protected global. As this script is called every few minutes and causes a different number of entries (most of the time it's four or five) the audit log is flood with this kind of error messages. Not surprisingly, a call with a user having administrative rights doesn't cause any problems. The same setup on the development machine also doesn't cause any problems.
I attached a PDF file containing the error and some code and configuration snippets to get an idea. As the script runs without error, we don't know how to find out which part causes the access violation an so it's hard for us to find out which part of the code or user-configuration has to be adjusted. We would really apprechiate any hint on how to narrow the problem or determine what to do to get rid of the audittrail entry.