Some AutoSys 11.3.6 directories have wide-open permissions.  

Can you please list all the files and folders that have 777 permissions and provide the reasons why they are set that way.

Workload Automation AE 11.3.x

Operating System Platform - UNIX/LINUX

Question

In the AE root folder $AUTOUSER/audit should have a restricted deletion flag or sticky bit set and be used for storing EEM audit reports. The report generation will fail if a user generating the reports donot have permission over this folder. 

# ls -ld $AUTOUSER/audit 

drwxrwxrwt 2 autosys autosys 4096 May 10 23:10 /opt/CA/WorkloadAutomationAE/autouser.ORA/audit 

$AUTOSYS/install/soapWS was intended for only a limited few Customers. The folder need not have written permission from all/others but it is set that way by default. 

# ls -ld $AUTOSYS/install/soapWS 

drwxrwxrwx 2 autosys autosys 4096 May 9 18:51 /opt/CA/WorkloadAutomationAE/autosys/install/soapWS 

There will be files in Agent spool folder($AUTOSYS/../SystemAgent/WA_AGENT/spool/*/*/*) that will have a sticky bit set which will be created by the Agent to run the jobs. There is an Agent installed file ($AUTOSYS/../SystemAgent/WA_AGENT/UninstallData/.com.zerog.registry.xml) that has full permissions to be used by the Agent installer. 

In the $CASHCOMP folder, there will be some files and folders full or special permissions set.  These are required for their service to run. 

Examples:

$CASHCOMP/Csam/SockAdapter

srwxrwxrwx 1 root root 0 Nov 1 01:13 /opt/CA/SharedComponents/Csam/SockAdapter/.csam_broker 

$CASHCOMP/csutils/bin

-r-sr-xr-x. 1 root root  42579 Nov 1 03:48 casrvc

lrwxrwxrwx. 1 root root      6 Apr 12 13:08 unisrvcntr -> casrvc