IBM Support

IZ81141: aixpert high level settings does not set TFTP perm correctly APPLIES TO AIX 6100-06

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • The viosecure hls_disrmtcmds rule should disable the
rlogin,
rsh, rcp and tftp commands by setting the permissions to
000.

After applying this rule the permissions for the tftp
commands
are not changed.

$ viosecure -level high -apply -rule hls_disrmtcmds

$ ls -l /usr/bin/tftp
-r-sr-xr-x 3 root system 39000 Sep 23 2009  /usr/bin/tftp

$ ls -l /usr/bin/utftp
-r-sr-xr-x 3 root system 39000 Sep 23 2009
/usr/bin/utftp

Local fix

  • 



Problem summary


    

  • tftp command privileges are not removed with aixpert high
level/medium level settings. tftp command shouldn't work
when system is operated in secure environment.

    



Problem conclusion


    

  • Change tftp command permissions when high level/medium level
settings are enabled with aixpert.

    



Temporary fix


    

  • 



Comments


    

  • 5300-11 - use AIX APAR IZ82234
5300-12 - use AIX APAR IZ81799
6100-03 - use AIX APAR IZ93987
6100-04 - use AIX APAR IZ80864
6100-05 - use AIX APAR IZ93475
6100-06 - use AIX APAR IZ93059
6100-06 - use AIX APAR IZ81141
7100-00 - use AIX APAR IZ82111

    



APAR Information




    

  • APAR number
    IZ81141
    • 

  • Reported component name
    AIX 610 STD EDI
    • 

  • Reported component ID
    5765G6200
    • 

  • Reported release
    610
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Submitted date
    2010-07-28
    • 

  • Closed date
    2010-07-28
    • 

  • Last modified date
    2013-04-17
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    
IZ80864
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    AIX 610 STD EDI
    • 

  • Fixed component ID
    5765G6200
    • 



Applicable component levels


    

  • R610  PSY  U835823
       UP11/05/10  I  1000
    • 



PTF to Fileset Mapping








      
              
                            

              

              [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSMV87","label":"AIX 6.1 Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSMVAX","label":"AIX Express Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSAUMY","label":"IBM AIX Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG11Q","label":"AIX 6.1 HIPERS, APARs and Fixes"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"","label":""}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            17 April 2013
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback