When running CA Access Gateway (SPS) installer as silent with smuser
account, the installer makes :

  - All files to have execution rights;
  - All files to belongs to smuser;
  - User smuser has rights to modify files;

To have the owner of the files being other than smuser, an other
account than smuser should be used to run the installer. Smuser won't
have permission to set other user as owner if it's not set at the OS
level to have permission to do that. Usually, root or equivalent user
can do this.

So to "have those files owns by root and read access for the smuser."
install the product as root, not as smuser which probably hasn't the
root permission.

In order to get the files set with the group and everybody to read
only, please open an Enhancement Request (Idea) :

  1. Go to the "All Ideas" page :
     https://community.broadcom.com/ideation/allideas;
  2. Click on the "Add" buttom";
  3. In the "Select categories...", select "Symantec Access Management";
  4. Write a title in the "title";
  5. Write a complete description of the Enhancement Request or Certification you'd like to post;
  6. Click on "Save" to get the Idea submitted !