Problem Note 14600: Potential security risks exist because the object spawner that is used with SASĀ® Marketing Optimization runs with the NOSECURITY option
SAS Marketing Optimization maintains its own user definitions within
the application, but they are not authenticated on the SAS server.
The SAS Marketing Optimization client does not pass any credentials to the
object spawner, which runs with the NOSECURITY option.
SAS Marketing Optimization requires the NOSECURITY option when initializing the object spawner.
There is a hot fix available that enables SAS Marketing Optimization to use server
authentication, therefore, it is not necessary to use the NOSECURITY option when you start the object spawner.
Select the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| SAS System | SAS Marketing Optimization Server | Microsoft Windows XP Professional | 9.1 TS1M3 | 9.1 TS1M3 SP4 |
| Microsoft Windows NT Workstation | 9.1 TS1M3 | 9.1 TS1M3 SP4 |
| Microsoft Windows 2000 Server | 9.1 TS1M3 | 9.1 TS1M3 SP4 |
| Microsoft Windows 2000 Advanced Server | 9.1 TS1M3 | 9.1 TS1M3 SP4 |
| Microsoft Windows 2000 Datacenter Server | 9.1 TS1M3 | 9.1 TS1M3 SP4 |
| Microsoft Windows 2000 Professional | 9.1 TS1M3 | 9.1 TS1M3 SP4 |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
SAS Marketing Optimization requires the NOSECURITY option when
initializing the object spawner.
| Type: | Problem Note |
| Priority: | alert |
| Topic: | System Administration ==> Security
|
| Date Modified: | 2009-10-23 15:28:43 |
| Date Created: | 2005-02-17 10:42:02 |
