Dear all, we have been thinking about a local quick fix for Security Bulletin: Buffer Overflow from improperly formatted SELECT command in IBM Tivoli Storage Manager (IBM Spectrum Protect) Server (CVE-2016-8998). Gerd Becker and I have come across the following Idea that may ease the preasure to update to 7.1.7.100 ff:
Define one empty domain "emptydomain" Update admins who may safely use select statements, but with no other authority to "grant authority adminname classes=policy domains=emptydomain" set queryauth policy in the server otion file and bounce the server instance all other admins, such as node admin users will no longer be able to issue select statements Cheers, Markus
