Permissions on the API Gateway File
search cancel

Permissions on the API Gateway File


Article ID: 113627


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway


The config file (/opt/SecureSpan/Gateway/node/default/etc/conf/ has global read permissions. The customer's security team wanted to restrict file access to a specific user and remove global read access.

Can they change the file's default permissions without affecting the functionality of the product?


Release: MSPAPE99000-9.3-API Gateway Essentials-MSP


On a high-level, there doesn't appear to be an issue with removing the global read permissions. If you ever have to do a Gateway restoration, you may be unable to connect to the Policy Manager because there are no read permissions on that file.

Reference: Problem: Gateway is not running properly after a restore

The file does contain the Java path and encrypted password for the gateway cluster. Global users can't edit the file so it should be OK to leave it as is.