-
Title
Performance Analysis (PA) for Oracle or DB2 File Permissions -
Description
The following log files created by PA are world read,writeable which is not acceptable for some customers. Some customers have audit requirements where RWX should be removed from OTHERS. It is not a umask issue, it is the agent imposing the permission RW to others.
$ sudo find /opt/quest -type f -perm -0002 -exec ls -ld {} \;
-rw-rw-rw- 1 quest dba 2085 Nov 20 2007 /opt/quest/sc/agents/AgentManager/2.0/log/installer.log
-rw-rw-rw- 1 quest dba 24190 Jun 2 03:45 /opt/quest/sc/agents/log/launcher.log
-rw-rw-rw- 1 quest dba 9331 May 28 12:39 /opt/quest/sc/agents/log/activity.log
-rw-rw-rw- 1 quest dba 123 Nov 20 2007 /opt/quest/sc/agents/log/http.log -
Resolution
These are log files (not config files) that are created by PA Launcher and they do not contain any sensitive information. These log files are recycled once they reach a certain size or after a restart of PA QAM service, the launcher log file gets recreated. So the files will be recreated with RW permission for all.
Enhancement request CR0233025 has been raised. -
Defect ID
CR0233025