Did you know that with netbackup you can write a script and run a
command that copies it to a unix client, executes it, and deletes it
when it's done, all as root? Method for doing so left as exercise to
the reader. Hint -- read the "update_clients" script.

-Charlie

On 10/24/05, Anthony Tocco <ttocco AT colltech DOT com> wrote:
>
>
>
> TSM users beware did you know even though TSM may have security settings.
> You can run any command for UNIX as a scheduled event from the TSM admin
> console and it will run on the UNIX server.  This is a huge security risk
> and many fail to realize that.  This is because the TSM admin console uses
> Root access.
>
>
>
>
> Tony Tocco
>
> ttocco AT colltech DOT com
>
>
>
>  ________________________________
>
>
> From: veritas-bu-admin AT mailman.eng.auburn DOT edu
> [mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf
> Of William
>  Sent: Sunday, October 23, 2005 6:35 PM
>  To: veritas-bu AT mailman.eng.auburn DOT edu
>  Subject: [Veritas-bu] NBU Security Setting
>
>
>
>
>
> Hi NBU Guru,
>
>
>
>
>
> I just got a question from a customer if NBU has some sort of security
> setting as TSM? They have a bunch of TSM security setting checklist, but
> not sure about NBU security stuff. Can anybody shed some light?  TIA.
>
>
>
>
>
>
>  System value/ parameter
> Description
> Required setting
>  directory: /usr/tivoli/tsm/                           Server code
> executable directory        drwxr-xr-x
>
>
>                Must be owned by root or designated administrative user
>  volumes listed in the dsmserv.dsk file     Files used as database, log and
> storage pool volumes   -rw-r-----
>  .................
>
>
>
>
>
> Bill