The following log files created by PA are world read,writeable which is not acceptable for some customers. Some customers have audit requirements where RWX should be removed from OTHERS. It is not a umask issue, it is the agent imposing the permission RW to others.
$ sudo find /opt/quest -type f -perm -0002 -exec ls -ld {} \;
-rw-rw-rw- 1 quest dba 2085 Nov 20 2007 /opt/quest/sc/agents/AgentManager/2.0/log/installer.log
-rw-rw-rw- 1 quest dba 24190 Jun 2 03:45 /opt/quest/sc/agents/log/launcher.log
-rw-rw-rw- 1 quest dba 9331 May 28 12:39 /opt/quest/sc/agents/log/activity.log
-rw-rw-rw- 1 quest dba 123 Nov 20 2007 /opt/quest/sc/agents/log/http.log
These are log files (not config files) that are created by PA Launcher and they do not contain any sensitive information. These log files are recycled once they reach a certain size or after a restart of PA QAM service, the launcher log file gets recreated. So the files will be recreated with RW permission for all.
Enhancement request CR0233025 has been raised.
© 2021 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy