User is allowed to run rmview -uuid without having the correct credentials
This technote identifies an issue that can occur in IBM Rational ClearCase where a user is able to successfully run a cleartool rmview -uuid against a view without having the correct credentials to do so.
A cleartool rmview -uuid succeeds on a view for which the user does not own.
The rmview manual pages states the following identity restrictions:
You must have one of the following identities:
* View owner
* root (UNIX and Linux)
* Member of the ClearCase administrators group (ClearCase on Windows)
* Local administrator of the ClearCase LT server host (ClearCase LT on Windows)'
It is possible to run a cleartool rmview -uuid on a view that another user owns. Without any of these permissions any user can run cleartool rmview -uuid on any view.
However, running a normal cleartool rmview <view-name> (without the -uuid argument) is not allowed for the same user and same view.
This issue has been identified as a product defect under APAR PK97847.
Resolving the problem
The defect has been resolved in ClearCase 18.104.22.168, 22.214.171.124 and 126.96.36.199.
More support for:
Software version: 7.0, 188.8.131.52, 7.0.1, 184.108.40.206, 7.1, 220.127.116.11
Operating system(s): AIX, HP-UX, Linux, Solaris, Windows
Reference #: 1407629
Modified date: 27 October 2010