Security Issue: SystemEdge installs JRE world writable

Idea created by ICS on Aug 3, 2016
    New
    Score3
    • JoeP
    • Thomas.Binder
    • ICS

    When installing Service Availability (on Linux, at least), the JRE directory is created with full permissions for everybody:

      $ ls -ldF /opt/CA/SystemEDGE/jre
      drwxrwxrwx. 7 root root 4096 Jul 18 13:38 /opt/CA/SystemEDGE/jre/

     

    As a workaround, we can change this to drwxr-xr-x, but of course the installation routine should be fixed, what CA promised for the

    next version.