A user is able to FTP from a remote machine, to any library after a Secured Entry is created. (NETIQKB40305)

  • 7740305
  • 02-Feb-2007
  • 16-Aug-2007

Resolution

fact
VigilEnt Security Agent for iSeries 7.5

fact
VigilEnt Security Agent for PSSecure 7.5

fact
Remote Request Manager (RRM)

symptom
A user is able to FTP from a remote machine, to any library after a Secured Entry is created.

symptom
After creating a Secured Entry for a user with the 'Operation' of FTPSRV_RECEIVE and an 'Object Path' of *NONE, 'Action' *PASS, the user is able to FTP from a remote machine to any library.

cause
A Colleted Entry for FTPSRV_RECEIVE will have one or more IFS paths associated with it.  When creating a Secured Entry from a Collected Entry, Option 1=Set as Obj. Path should be used for each of the Collected Objects.  Failure to do this results in a Secured Entry with *NONE in the Object Path which opens the function to any library.

fix
Creating this type of Secured Entry will allow such behavior.  In order to restrict it, there must be a path associated with it.

Additional Information

Formerly known as NETIQKB40305