The Autosys agent creates files with world-writeable permission which is considered a security violation, can something be adjusted to avoid this?

search cancel

The Autosys agent creates files with world-writeable permission which is considered a security violation, can something be adjusted to avoid this?

book

Article ID: 15284

calendar_today

Updated On:

Products

CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent

Issue/Introduction

During our annual security scan, it was detected that in the Agent spool directory files were being created with world-writeable permissions. This is considered a security violation.

Can something be adjusted to avoid this?

Environment

Workload Automation Agent - Unix/Linux

Resolution

Using the r11.3 SP4 agent or above you can set oscomponent.umask and oscomponent.defaultfile.permission parameters in agentparm.txt file to control the default permissions for the agent's spool files.

Example:

oscomponent.umask=022

oscomponent.defaultfile.permission=0644

Additional Information

Change the Default Permissions of the Files Created by the Agent

Feedback

thumb_up Yes

thumb_down No