WCC 12.x file system permission flag in security scan
Article ID: 411772
Updated On:
Products
Issue/Introduction
WCC is being flagged for some non-compliant items.
Previously, we were told that permissions on conf cannot be changed.
In the latest 24.x release, have there been any changes here for the permissions on conf?
Or if you can confirm the following two items need to have their permissions remain intact for WCC.
|
ControlID |
Risk |
ControlName |
Broadcom L2 Support Comments |
|
9561 |
High |
Status of 'permission' set on 'directory' attribute within 'logging.properties' file |
As the "conf" is an internal subdirectory of WCC. We have already restricted users to perform (write or execute actions on) file / file contents. If we remove remaining permissions for the users, It will impact WCC startup. |
|
9422 |
High |
Status of the 'ownership' of 'conf' directory within web server instance |
As the "conf" is an internal subdirectory of WCC. We have already restricted users to perform (write or execute actions on) file / file contents. If we remove remaining permissions for the users, It will impact WCC startup. |
Environment
Autosys 12.x,24.x
Resolution
There has been no change to the file system permissions in any of the 12.x versions.
screenshot below is in 12.1SP1
We did some improvements related to permissions in the 24.0.01 release.
in 24.0.01
Feedback
