AnsweredAssumed Answered

PIM seos does not identify program when not having fullpath

Question asked by stoopid on Jan 13, 2016
Latest reply on Jun 8, 2017 by rehbr01

Hi Pim-Community,


i struggle with a seos definition, and wondering if you might be able to help. Here the issue

CA-PIM installed on HPUX


issec header

CA ControlMinder version 12.8 installed in /opt/CA/AccessControl

VeRsIoN: 12.81-0 (1912) Compiled On:Feb 05 2015 21:06:13 _AIX610._RS6000  30034


there is a proftpd (ftp-daemon) running on the machine, which should have access to with pim "secured resources".

due to our separation of duty only privileged users are allowed to access certain directories, root is not one of these.

as proftpd initialy runs as root, it will be identified as a root access within pim.


ps -ef

root 18874486   1   0   Nov 20 -  1:22 proftpd: (accepting connections)


To allow access to the resources by using or accessing via proftpd i tried the following


My Attempts:

I tried to set up a loginappl with proftpd.




Defaccess         : X

Audit mode        : Failure

Owner             : <userid>       (XUSER  )

Create time       : 30-Oct-2015 15:24

Update time       : 21-Dec-2015 16:55

Updated by        : <userid>      (XUSER  )

Login flags       : None

Login method      : Normal

Login path        : /opt/proftpd/sbin/proftpd

Login sequence    : N3UID, FUID, SGRP, SUID


which didn't work for me.


I've added proftpd binary to my gfile

auth gfile SAP_Secured_Resources_daten via(pgm(/opt/proftpd/sbin/proftpd)) uid(root) access(all)


this didn't work as well as


Data for SPECIALPGM '/opt/proftpd/sbin/proftpd'


Owner             : +policyfetcher(USER   )

Create time       : 12-Jan-2016 14:30

Update time       : 12-Jan-2016 14:30

Updated by        : +policyfetcher(USER   )

CA ControlMinder UID : +sapwork+

Program Type      : Propagate bypass, Full bypass program

Native UID        : *



Looking at my processes (ps) i see that proftpd is running without fullpath information, maybe PIM is not able to resolve the path.