emsi
ADSM.ORG Member
Hi!
I found that, by default, a user with the Client Owner privilege class is able to connect to the server with dsmadmc and perform a 'query content' operation and thus list objects/files of other nodes. In certain circumstances this might have serious implications and can usually be considered an information leak.
IMHO the default behavior is insecure. Commands such as 'query sys' might unveil other sensitive information about the server system as well.