This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

Some users may be experiencing issues when trying to access customer resources like the Case Portal or the Product Licensing Center. Our team is aware of the issue and is working to resolve it. Click here for more information.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Permission issue on the BDNA program files folder.

g_michael
By
Level 2

Hi Support,

We’ve got insecure service file permissions, and we’ll need to ratchet these down to an appropriate security; I guess we’ll need guidance from your support?

There are the existing permissions how it looks like at the current state.

We don't want everyone access permission there. Can we just give teh service account to have R/W permission and remove the everyone from the list.

Plugin Output:

Path : c:\program files\bdna\user console\bin\bdna.normalizebi.service.exe

Used by services : UserConsoleService

File write allowed for groups : Users

 

Path : d:\sv-snbdna-tts\bdnashareprod\agent\bin\wrapper-windows-x86-64.exe

Used by services : snc_mid_sv-snbdna-tts

File write allowed for groups : Everyone

Full control of directory allowed for groups : Everyone

 

Path : d:\sv-snbdna-tts\service-now-dev\agent\bin\wrapper-windows-x86-64.exe

Used by services : nc_mid_sv-snbdnadev-tts

File write allowed for groups : Everyone

Full control of directory allowed for groups : Everyone

‎Aug 09, 2019 09:45 AM

0 Kudos
(3) Replies

RQuinn
By
Flexera Alumni

Hi @g_michael ,

 

Thank you for the question. I will reach out to you directly via a support case to discuss your question in more detail.

‎Aug 14, 2019 02:59 AM - edited ‎Aug 14, 2019 03:00 AM

0 Kudos

bsilverstein
By
Level 2
In response to RQuinn

We are also having the same issue - our InfoSec dept identified this as a vulnerability which must be remediated asap.

 

Could you please share the solution(s) you found with the community?

 

Thank you very much!

‎Jan 07, 2020 02:04 PM

dsood
By Level 5 Flexeran
Level 5 Flexeran
In response to bsilverstein

Hi Bruce

If your issue is wrt to Path : c:\program files\bdna\user console\bin\bdna.normalizebi.service.exe

You will be able to allow the Service Account to have the R\W permissions and remove the other users from the list.

We would recommend testing this in your DEV environment before going live in production but we do not foresee any issues with this. However, it is always good to test encase any anomalies arise.

If your query is regarding a different vulnerability, please provide more details.

Thank you

‎Jan 07, 2020 03:49 PM

0 Kudos
Top Kudoed Authors
View all