search cancel

The Autosys agent creates files with world-writeable permission which is considered a security violation, can something be adjusted to avoid this?

book

Article ID: 15284

calendar_today

Updated On:

Products

CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent

Issue/Introduction

During our annual security scan, it was detected that in the Agent spool directory files were being created with world-writeable permissions. This is considered a security violation. 

Can something be adjusted to avoid this?

Environment

Workload Automation Agent - Unix/Linux

Resolution

Using the r11.3 SP4 agent or above you can set oscomponent.umask and oscomponent.defaultfile.permission parameters in agentparm.txt file to control the default permissions for the agent's spool files. 

Example: 

oscomponent.umask=022 

oscomponent.defaultfile.permission=0644 

 

Additional Information