PM74462: Authorization checking is not done on placement service operations.

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • No authorization checking is done on placement service
    operations.
    

Local fix

  • n/a
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All customers running WebSphere eXtreme     *
    *                  Scale servers in a configuration that       *
    *                  uses Java Security Manager restrictions     *
    *                  on administrative access to authorized      *
    *                  identities.                                 *
    ****************************************************************
    * PROBLEM DESCRIPTION: An administrative operation can be      *
    *                      performed by an authenticated user      *
    *                      that does not have administrative       *
    *                      permissions.                            *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    Access to placement service operations via the startOgServer
    script are not restricted to only the administrators that have
    appropriate MBean permissions.
    

Problem conclusion

  • The runtime environment was corrected by adding a subroutine to
    restrict access to the placement service.  Therefore, only
    administrators with appropriate MBean permissions for all
    targets and actions, as defined in the Java security policy
    file, can perform the corresponding operations.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PM74462

  • Reported component name

    WS EXTREME SCAL

  • Reported component ID

    5724X6702

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2012-10-05

  • Closed date

    2013-02-06

  • Last modified date

    2013-02-06

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WS EXTREME SCAL

  • Fixed component ID

    5724X6702

Applicable component levels

  • R711 PSY

       UP

  • R850 PSY

       UP



Rate this page:

(0 users)Average rating

Document information


More support for:

WebSphere eXtreme Scale

Software version:

850

Reference #:

PM74462

Modified date:

2013-02-06

Translate my page

Machine Translation

Content navigation