Hi Steven,

See 2.1.1 Command line authentication flow (non-root user) and 2.1.2 Command line and scheduler authentication flow (root user) from "IBM Tivoli Storage Manager Building a Secure Environment" Redbook (sg247505).

--
Best regards / Cordialement / مع تحياتي
Erwann SIMON

----- Original message -----
From: "Steven Harris" <[email protected]>
To: [email protected]
Sent: Monday 25 August 2014 01:20:46
Subject: [ADSM-L] dsmtca

Hi All

I've just been notified by my internal process here about a cert vulnerability affecting the TSM AIX Client. CVE-2014-0907 see http://www-01.ibm.com/support/docview.wss?uid=swg21680454

As usual support tell us half of the story. There is no way I can upgrade all of my clients in any reasonable timeframe, so I'm left with the workaround, which is to remove the dsmtca binary.

Now that is all fine and dandy, but nowhere can I discover what the implications of removing that binary are. I assume it's included because it provides some function. Does anyone know what dsmtca provides and any implications for its removal?

While I'm on the subject, there have been a number of recent CERT vulnerabilities posted about TSM topics. I don't know about anyone else, but my management responds to these with a one-size-fits-all knee-jerk. The words "Chicken Little" spring to mind. This is causing me repeated grief. I am trying to work on management to get some sort of graduated response to these advisories, but given that TSM is a reasonably constrained problem domain, is it too much to ask for a concerted security effort from development to expose and address as many remaining issues as possible and remove this irritation?

Regards

Steve.

Steven Harris
TSM Admin
Canberra Australia
