The Autosys agent creates files with world-writeable permission whichi is considered a security violation, can something be adjusted to avoid this?

Document ID : KB000015284
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

During our annual security scan, it was detected that in the Agent spool directory files were being created with world-writeable permissions. This is considered a security violation. 

Can something be adjusted to avoid this?

 

Environment:
Product - Workload Automation AE 11.3.xPlatform - Unix/Linux
Answer:

Using the r11.3 SP4 agent or above you can set oscomponent.umask and oscomponent.defaultfile.permission to control the default permissions for the agent's spool files. 

Example: 

oscomponent.umask=022 

oscomponent.defaultfile.permission=0644