ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CA System Edge: Linux - Tenable scan fail

book

Article ID: 226982

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

Security scan on RHEL7 servers is failing due to CA folders permission. The folders are world writable.

Example we see this setting:

drwxrwxrwx. 8 root root 4096 Sep 17 04:49 /opt/CA/SharedComponents/cai18n

drwxrwxrwx. 2 root root   23 Sep 17 04:49 /opt/CA/SharedComponents/csutils/log

drwxrwxrwx. 3 root root   19 Sep 17 04:49 /opt/CA/SharedComponents/ID

drwxrwxrwx. 2 root root    6 Sep 17 04:49 /opt/CA/SharedComponents/tmp

 

Environment

Release : SystemEDGE 5.9

Component :

Resolution

  • chmod 1770 SharedComponents directory
  • Restart SystemEDGE.

Chmod 1770 (chmod a+rwx,o-rwx,ug+s,+t,u-s,g-s) sets permissions so that, (U)ser / owner can read, can write and can execute. (G)roup can read, can write and can execute. (O)thers can't read, can't write and can't executecd TES

Attachments