Has anyone seen any actually useful explanation of the security vulnerability
specified in security bulletin 1686874 ("Tivoli Storage Manager version
roll-off by unauthorized clients") for CVE-2014-4817, and "fixed" in APAR
IT04884 (by the addition of the new server option BACKUPINITIATIONROOT)?
https://www.ibm.com/support/docview.wss?uid=swg21686874
https://www.ibm.com/support/docview.wss?uid=swg1IT04884
I've only seen limited mention of it on the list, suggesting to set the new
option from "ON" (default) to "OFF" so that non-root backups (e.g. Oracle
backups) will continue to work.
What I'm trying to figure out is the actual security risk of the pre-IT04884
behavior (which setting "BACKUPINITIATIONROOT=OFF" restores). All the
bulletin, CVE and references have to say is the following (with slight
variations):
> Tivoli Storage Manager servers and client have a default setting which allows
> TSM users, who are not TSM-authorized, to use certain options which can
> result in the roll-off of file backup versions and their replacement with
> files that have the same name as files backed up by TSM-authorized users.
I can find no mention of what those "certain options" are, nor any other
details that would explain, operationally, what the actual problem is.
I've read and re-read the security bulletin and CVE references several times.
As far as I can figure so far, the only risk is that non-root users can
roll off backups of their own files, which isn't much of a risk, since by
definition, they can change the content of those files anyway. (I.e. it's
working as designed.)
Maybe I'm just missing something. But since I expect I'll have to disable
this security "fix" (or set up group-based restrictions on dsmtca) when I
update to a server level with IT04884 so I don't break things for my users,
I'd like some idea of what the security trade-off really is.
Any insight would be appreciated.
=Dave
--
Hello World. David Bronder - Systems Architect
Segmentation Fault ITS-EI, Univ. of Iowa
Core dumped, disk trashed, quota filled, soda warm. david-bronder AT uiowa
DOT edu