IBM Support

JR33153: NZLOAD COMMAND IS EXPOSED WHICH IS A SECURITY RISK - PASSWORD EXPOSED

APAR status

  • Closed as program error.

Error description

  • The entire nzload command is listed throughout the duration of
    the job, which carries the security risk of the password
    leaking to all users who can log in to the IS Server.
    

Local fix

  • This fix is included in 8.0.1 fix pack 3
    

Problem summary

  • ****************************************************************
    USERS AFFECTED:
    All users of Netezza Enterprise Stage
    ****************************************************************
    PROBLEM DESCRIPTION:
    When a PX job with the Netezza operator is running and the load
    method is nzload, the ps command output shows the clear text
    password that is being used to connect to the database, which is

    Also, when APT_DEBUG_MODULE_NAMES is enabled, the password is
    shown in clear text format, which is also a security risk.
    ****************************************************************
    RECOMMENDATION:
    Apply this APAR.
    The fix has been included in the IS 8.1 FP1. Apply the FixPack1
    for IS 8.1.
    ****************************************************************
    

Problem conclusion

  • The code has been modified so that the password is not shown in
    the ps command output or in the debug log when
    APT_DEBUG_MODULE_NAMES is enabled.
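
As an added example (not IBM's code and not part of this APAR), the following audit scans ps output for nzload processes that still carry a password argument, which is one way to confirm on the IS Server that the condition described above is gone once the fix is applied. It assumes nzload receives the password as `-pw <value>`; the function name, paths, host and process list are constructed for illustration.

```python
# Assumption: nzload takes the database password as "-pw <value>"; the flag
# name is not given on this page.
PASSWORD_FLAG = "-pw"


def audit_ps_output(ps_text):
    """Scan `ps -eo pid,user,args` output for nzload processes whose argument
    list carries a password. The secret is masked in each finding so the audit
    report does not repeat it."""
    findings = []
    for line in ps_text.splitlines():
        parts = line.split(None, 2)
        if len(parts) < 3 or not parts[0].isdigit():
            continue  # header row or malformed line
        pid, user, args = parts
        # ps joins argv with single spaces, so whitespace splitting is the
        # closest reconstruction available from its output.
        argv = args.split()
        if not argv or argv[0].rsplit("/", 1)[-1] != "nzload":
            continue  # not an nzload process (e.g. "grep nzload")
        masked, exposed, i = [], False, 0
        while i < len(argv):
            masked.append(argv[i])
            if argv[i] == PASSWORD_FLAG and i + 1 < len(argv):
                masked.append("********")
                exposed = True
                i += 1  # skip over the secret itself
            i += 1
        if exposed:
            findings.append(
                {"pid": int(pid), "user": user, "command": " ".join(masked)}
            )
    return findings


# Constructed sample process list, not captured from a real system.
SAMPLE_PS = """\
  PID USER     COMMAND
 4211 dsadm    /nz/bin/nzload -host nzhost01 -u loaduser -pw ExamplePass1 -db SALES -t ORDERS
 4250 dsadm    /nz/bin/nzload -host nzhost01 -u loaduser -db SALES -t ORDERS
 4302 alice    grep nzload
"""

if __name__ == "__main__":
    for f in audit_ps_output(SAMPLE_PS):
        print(f"PID {f['pid']} ({f['user']}): {f['command']}")
```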
    

Temporary fix

Comments

APAR Information

  • APAR number

    JR33153

  • Reported component name

    WIS DATASTAGE

  • Reported component ID

    5724Q36DS

  • Reported release

    810

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2009-05-26

  • Closed date

    2009-06-02

  • Last modified date

    2010-12-10

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WIS DATASTAGE

  • Fixed component ID

    5724Q36DS

Applicable component levels

  • R810 PSN

       UP

Document Information

Modified date:
10 December 2010