Environment
VigilEnt Security Agent for iSeries 5.4/7.0
Remote Request Management (RRM)
Remote Request Management (RRM)
Situation
How do I use Remote Request Management (RRM) to have users log in to their own home directory and not be able to see anything outside of that?
Rejected entries that have "/" in them are viewable.
Remote Request Management (RRM) FTP is not handling special characters (".", ".." and "//") properly and is impacting control of login.
Rejected entries that have "/" in them are viewable.
Remote Request Management (RRM) FTP is not handling special characters (".", ".." and "//") properly and is impacting control of login.
Resolution
PTF 1C01780 (along with its pre/co-requisites) will allow FTP transactions to handle special characters such as, ".", ".." and "//". This will allow controlling attempts to list and access files outside the user's home directory by walking up the directory path with "..".
The PTF can be downloaded from the following link:
https://www.netiq.com/support/default.asp
The PTF is now included in Service Pack 1X03080 and any subsequent PTFs for 5.4/7.0.
Additional Information
Formerly known as NETIQKB31093