Problem Note 51093: The hidden directory for SAS® metadata-bound libraries might assume the permissions of the umask command for the account that runs SAS®9
 |  |  |  |
The hidden directory for SAS metadata-bound libraries might assume the permissions of the umask command for the account that runs SAS. When you run the AUTHLIB procedure in UNIX operating environments, the hidden directory .sassl might inherit the umask permissions of the user account that runs the procedure. This behavior can enable someone to tamper with the library binding and cause administration problems.
For example, consider a situation in which the umask setting is 000. If the hidden directory inherits that same setting, it gives Read, Write, and Execute permissions for all users.
If the hidden directory inherits a setting that creates such a security issue, you need to manually set the permission on the hidden directory after you create the binding. Change the permissions to 755.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | Base SAS | 64-bit Enabled AIX | 9.3_M2 | 9.4_M1 | 9.3 TS1M2 | 9.4 TS1M1 |
| 64-bit Enabled HP-UX | 9.3_M2 | 9.4_M1 | 9.3 TS1M2 | 9.4 TS1M1 | ||
| 64-bit Enabled Solaris | 9.3_M2 | 9.4_M1 | 9.3 TS1M2 | 9.4 TS1M1 | ||
| HP-UX IPF | 9.3_M2 | 9.4_M1 | 9.3 TS1M2 | 9.4 TS1M1 | ||
| Linux | 9.3_M2 | 9.4_M1 | 9.3 TS1M2 | 9.4 TS1M1 | ||
| Linux for x64 | 9.3_M2 | 9.4_M1 | 9.3 TS1M2 | 9.4 TS1M1 | ||
| Solaris for x64 | 9.3_M2 | 9.4_M1 | 9.3 TS1M2 | 9.4 TS1M1 | ||