CA PIM: password mask of seos.audit

Document ID : KB000112260
Last Modified Date : 31/08/2018
Show Technical Document Details
Issue:
When we see PIM trace events with seaudit -tr command, we will see the password which is not encrypted.

[Reproduced steps]
1:
#selang
AC>cu root audit(trace)
2:
Please login to the PIM box with root user on another session(SSH).
3:
#selang -c 'eu testu1 password(admin01)'
#seaudi -a -tr
You will see the following event like this.
P TRACE root XXXXXXXX root root ARGS /opt/CA/AccessControl/bin/selang 994
EXECARGS: 'selang -c eu testu1 password(admin01)'

 
Environment:
AIX/Linux
CA PIM12.8SP1
Cause:
There is no code which is masked for trace events.
Resolution:
AIX : T5C1148
Linux 64bit : T5C1149

If the testfix is applied, it will be showed as follows.
P TRACE root XXXXXXXX root root ARGS /opt/CA/AccessControl/bin/selang 994
EXECARGS: 'selang -c eu testu1 password(xxxxxxx)'

If the testfix is needed, please contact support team.
Support Portal