Problem Note 16973: Inappropriate file access allowed on Unix
 |  |  |  |  |
When a Unix userid is a member of only one group, the userid will inherit the group id from the userid used to start the Object Spawner when the SAS process is run through the spawner.
For example, if the Unix userid 'Test1' is a member of only one group called 'Group1' and the Object Spawner was started by Unix userid 'Test2' which belongs to 'Group2', then any process run by 'Test1' through the spawner will have Unix group membership in both 'Group1' and 'Group2'.
This may allow the process to access files that it should not have access to. This is a problem only with 9.1.3 with Service Pack 3 applied.
Select the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | SAS Release | |
| Reported | Fixed* | |||
| SAS System | Base SAS | 64-bit Enabled Solaris | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
| Microsoft® Windows® for 64-Bit Itanium-based Systems | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| Linux | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| 64-bit Enabled HP-UX | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| Linux on Itanium | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| HP-UX IPF | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| 64-bit Enabled AIX | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| Tru64 UNIX | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
A fix for SAS 9.1.3 (9.1 TS1M3) for this issue is available at:
http://www.sas.com/techsup/download/hotfix/e9_sbcs_prod_list.html#016973A fix for SAS 9.1.3 (9.1 TS1M3) with Asian Language Support (DBCS) for this issue is available at :
http://www.sas.com/techsup/download/hotfix/e9_dbcs_prod_list.html#016973| Type: | Problem Note |
| Priority: | alert |
| Topic: | System Administration ==> Security |
| Date Modified: | 2006-02-08 17:23:11 |
| Date Created: | 2006-01-30 11:10:43 |