Our security team performed vulnerability scan and report shows “World writable files exist” related findings on our Harvest broker server -
"World writable files were found on the system. A file that can be written by any user on the system could be a serious security flaw."
All listed files came from installation in folders $RTHOME/bin, $RTHOME/bin/i86_64_linux24, $RTHOME/lib/i86_64_linux24. Do they require world-writable permissions to perform correctly? Please let me know what options do we have.
Release : 13.0.3
Component : CA HARVEST SCM INFRASTRUCTURE (BROKER/AGENT/PEC/SECURITY
We have not found any issues with making the files in those folders read-only. If you change the permission level to “700” would that help to clear the vulnerability exceptions.