IBM Support

IC79518: REDUCTION IN PERMISSIONS ON THE NODES.REG FILE.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as Permanent restriction.

Error description

  • Currently the DB2 file nodes.reg is set to have world writable
    permission's enabled by default upon installation.  The world
    writable permission is unnecessary for normal operations and
    does not pose a security exposure.  This APAR is to remove
    the world writable permission from this file because it may
    trigger security audit alerts for some customers.
    
    This file is located in the sqllib of the instance owner's home
    directory:
    ex:  /home/db2inst1/sqllib/nodes.reg.
    

Local fix

  • N/A
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * ALL                                                          *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * DB2 file nodes.reg is set to have world writable permissions *
    * enabled by default upon installation.  Non-admin users have  *
    * the ability to update the file and cause data corruption and *
    * / or loss.                                                   *
    *                                                              *
    * This file is located in the sqllib of the instance owner's   *
    * home directory:                                              *
    * ex:  /home/db2inst1/sqllib/nodes.cfg.                        *
    ****************************************************************
    * RECOMMENDATION:                                              *
    * Upgrade to DB2 version 9.5 Fix Pack 9.                       *
    ****************************************************************
    

Problem conclusion

  • First fixed in DB2 Version 9.5 Fix Pack 9.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IC79518

  • Reported component name

    DB2 FOR LUW

  • Reported component ID

    DB2FORLUW

  • Reported release

    950

  • Status

    CLOSED PRS

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2011-10-28

  • Closed date

    2012-04-10

  • Last modified date

    2012-04-10

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    IC80010 IC84170

Fix information

Applicable component levels

[{"Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSEPGG","label":"DB2 for Linux- UNIX and Windows"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.5"}]

Document Information

Modified date:
18 September 2021