11th Jan 2002 [SBWID-4990]
COMMAND
Legato Networker stores remote backup user/pass in world acessible log
file
SYSTEMS AFFECTED
Legato Networker 6.1
PROBLEM
Venkatesh babu Sira posted :
Scenario is Legato Networker with one drive as NDMP to Backup Netapp.
When u start the group to backup Netapp using NDMP drive ,in
/nsr/logs/daemon.log it writes all the info including username &
passwd(clear text) for NetApp (usually it will root ) As any one can
read this file ,so that he can mess up NetApp. I Moved /nsr dir &
stop & restarted Networker ,it will recreate /nsr dir with 755
perm.
Ex:
01/08/02 10:20:40 nsrd: savegroup info: starting netapp (with 1 client(s))
application information: HIST=y;
auth index: netapp;
auth index name space: backup, 1;
auth level: full;
auth mode: save;
auth server: server;
auth ssname: /vol/vol0;
auth ssname long: /vol/vol0;
auth sstime: 10xxxxxx;
auth sstime 64-bit: 10xxxxx;
client id: \\xxxxxxxxxxxxx;
groups: netapp;
hard session limit: 1;
hostname: server;
locale: C;
ndmp: Yes;
password: password;
remote user: root;
store index entries: Yes;
volume pool: netapp;
SOLUTION
Upgrade to Legato Networker 6.1.1
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH
