The Autosys agent creates files with world-writeable permission whichi is considered a security violation, can something be adjusted to avoid this?

book

Article ID: 15284

calendar_today

Updated On:

Products

CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) CA Workload Automation Agent

Issue/Introduction



During our annual security scan, it was detected that in the Agent spool directory files were being created with world-writeable permissions. This is considered a security violation. 

Can something be adjusted to avoid this?

 

Environment

Product - Workload Automation AE 11.3.xPlatform - Unix/Linux

Resolution

Using the r11.3 SP4 agent or above you can set oscomponent.umask and oscomponent.defaultfile.permission to control the default permissions for the agent's spool files. 

Example: 

oscomponent.umask=022 

oscomponent.defaultfile.permission=0644