Some AutoSys 11.3.6 directories have wide-open permissions.
Can you please list all the files and folders that have 777 permissions and provide the reasons why they are set that way.
Workload Automation AE 11.3.x
Operating System Platform - UNIX/LINUX
Question
In the AE root folder $AUTOUSER/audit should have a restricted deletion flag or sticky bit set and be used for storing EEM audit reports. The report generation will fail if a user generating the reports donot have permission over this folder.
# ls -ld $AUTOUSER/audit
drwxrwxrwt 2 autosys autosys 4096 May 10 23:10 /opt/CA/WorkloadAutomationAE/autouser.ORA/audit
$AUTOSYS/install/soapWS was intended for only a limited few Customers. The folder need not have written permission from all/others but it is set that way by default.
# ls -ld $AUTOSYS/install/soapWS
drwxrwxrwx 2 autosys autosys 4096 May 9 18:51 /opt/CA/WorkloadAutomationAE/autosys/install/soapWS
There will be files in Agent spool folder($AUTOSYS/../SystemAgent/WA_AGENT/spool/*/*/*) that will have a sticky bit set which will be created by the Agent to run the jobs. There is an Agent installed file ($AUTOSYS/../SystemAgent/WA_AGENT/UninstallData/.com.zerog.registry.xml) that has full permissions to be used by the Agent installer.
In the $CASHCOMP folder, there will be some files and folders full or special permissions set. These are required for their service to run.
Examples:
$CASHCOMP/Csam/SockAdapter
srwxrwxrwx 1 root root 0 Nov 1 01:13 /opt/CA/SharedComponents/Csam/SockAdapter/.csam_broker
$CASHCOMP/csutils/bin
-r-sr-xr-x. 1 root root 42579 Nov 1 03:48 casrvc
lrwxrwxrwx. 1 root root 6 Apr 12 13:08 unisrvcntr -> casrvc