Problem Note 16973: Inappropriate file access allowed on Unix
When a Unix userid is a member of only one group, the userid will
inherit the group id from the userid used to start the Object Spawner
when the SAS process is run through the spawner.
For example, if the Unix userid 'Test1' is a member of only one group
called 'Group1' and the Object Spawner was started by Unix userid
'Test2' which belongs to 'Group2', then any process run by 'Test1'
through the spawner will have Unix group membership in both 'Group1' and
'Group2'.
This may allow the process to access files that it should not have
access to. This is a problem only with 9.1.3 with Service Pack 3
applied.
Select the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| SAS System | Base SAS | 64-bit Enabled Solaris | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
| Microsoft® Windows® for 64-Bit Itanium-based Systems | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
| Linux | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
| 64-bit Enabled HP-UX | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
| Linux on Itanium | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
| HP-UX IPF | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
| 64-bit Enabled AIX | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
| Tru64 UNIX | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
| Type: | Problem Note |
| Priority: | alert |
| Topic: | System Administration ==> Security
|
| Date Modified: | 2006-02-08 17:23:11 |
| Date Created: | 2006-01-30 11:10:43 |
