Thanks Erwann The removal of dsmtca implies that all access requests will have to be made by root. That's a problem for all my TDP for oracle/SAP clients as these need to run under different ids.
Regards Steve Steven Harris TSM Admin Canberra Australia. On 25 August 2014 12:58, Erwann SIMON <[email protected]> wrote: > Hi Steven, > > See 2.1.1 Command line authentication flow (non-root user) and 2.1.2 > Command line and scheduler authentication flow (root user) from "IBM Tivoli > Storage Manager Building a Secure Environment" Redbook (sg247505). > > -- > Best regards / Cordialement / مع تحياتي > Erwann SIMON > > ----- Mail original ----- > De: "Steven Harris" <[email protected]> > À: [email protected] > Envoyé: Lundi 25 Août 2014 01:20:46 > Objet: [ADSM-L] dsmtca > > Hi All > > I've just been notified by my internal process here about a cert > vulnerability affecting the TSM AIX Client. CVE-2014-0907 > > see http://www-01.ibm.com/support/docview.wss?uid=swg21680454 > > As usual support tell us half of the story. There is no way I can upgrade > all of my clients in any reasonable timeframe, so I'm left with the > workaround, which is to remove the dsmtca binary > > Now that is all fine and dandy, but nowhere can I discover what the > implications of removing that binary are. I assume its included because it > provides some function. > > Does anyone know what dsmtca provides and any implications for its removal? > > While I'm on the subject there have been a number of recent CERT > vulnerabilities posted about TSM topics. I don't know about anyone else, > but my management responds to these with a one-size-fits-all knee-jerk. The > words "Chicken Little" spring to mind. This is causing me repeated grief. > > I am trying to work on management to get some sort of graduated response to > these advisories, but given that TSM is a reasonably constrained problem > domain is it too much to ask for a concerted security effort from > development to expose and address as many remaining issues as possible and > remove this irritation? > > > Regards > > Steve. > > Steven Harris > TSM Admin > Canberra Australia >
