IBM Support

JR33153: NZLOAD COMMAND IS EXPOSED WHICH IS A SECURITY RISK - PASSWORD EXPOSED

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • The entire nzload command is being listed through out the
duration of the job, which has the security risk of password
leaking out to all the users who can login to the IS Server.

Local fix

  • This fix is included in 8.0.1 fix pack 3

Problem summary

  • ****************************************************************
USERS AFFECTED:
All users of Netezza Enterprise Stage
****************************************************************
PROBLEM DESCRIPTION:
When a PX job with Netezza operator is running and the
load method is
nzload, the ps command output shows the clear
text password that is
being used to connect to the database, which is

   Also when APT_DEBUG_MODULE_NAMES is enabled,
        the password is shown in clear text
        format which is also a security risk.
****************************************************************
RECOMMENDATION:
Apply this APAR.
The fix has been included in the IS 8.1 FP1. Apply the FixPack1
for IS 8.1.
****************************************************************

Problem conclusion

  • Code has been modified not to show the password in ps
commandoutput
  and also in debug log when APT_DEBUG_MODULE_NAMES is
enabled.

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    JR33153
    • 

  • Reported component name
    WIS DATASTAGE
    • 

  • Reported component ID
    5724Q36DS
    • 

  • Reported release
    810
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2009-05-26
    • 

  • Closed date
    2009-06-02
    • 

  • Last modified date
    2010-12-10
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    WIS DATASTAGE
    • 

  • Fixed component ID
    5724Q36DS
    • 



Applicable component levels


    

  • R810  PSN
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSVSEF","label":"IBM InfoSphere DataStage"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.1","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            10 December 2010
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback