Under Review
over 7 years ago

Post Migration Custom Command - Security Flaw

Is it possible to add a feature to the custom command post migration set-up that would restrict users from changing the variables defined in the custom command.  We restrict our end users from using the UNIX account that allows the ability to SSH.  If we define a custom command the user can put any command in the "command with parameters" window and compromise our server after selecting the run button during the post migration process.  We would like the ability to define the command but only allow the end user to execute the custom post migration as-is, preventing the user from adding or changing these variables.

This is a great feature but completely useless for us because of this security concern.

tim.rogers
Parents
  • over 7 years ago

    Thanks Tom.  That did solve the problem for this specific issue, once the permissions were updated as you described the end users were no longer able to access the "Command with Parameters" field.  

    I'm curious if the other settings still available on the custom command variables screen would have any negative impact if changed by the end users.  I'll need to look closer at the security permissions and play around with these settings some more.  I know if deselect the SSH checkbox, which is still available, the custom command we created fails.  

    Pending some additional testing, I think the options still available should have the ability to be restricted as well to prevent any unwanted actions by the end users.  This permission change is also an all or nothing option, there may be instances where we would want the users to have the ability to edit.  I think the ability to lock this down should be by individual custom command and not a global setting.

    I really appreciate the feedback on this Tom.  I totally missed that permission during my review to set this up.  I might be able to use this custom command now which would allow our developers to compile their COBOL files on their own without intervention from the PS Admins.  

Comment
  • over 7 years ago

    Thanks Tom.  That did solve the problem for this specific issue, once the permissions were updated as you described the end users were no longer able to access the "Command with Parameters" field.  

    I'm curious if the other settings still available on the custom command variables screen would have any negative impact if changed by the end users.  I'll need to look closer at the security permissions and play around with these settings some more.  I know if deselect the SSH checkbox, which is still available, the custom command we created fails.  

    Pending some additional testing, I think the options still available should have the ability to be restricted as well to prevent any unwanted actions by the end users.  This permission change is also an all or nothing option, there may be instances where we would want the users to have the ability to edit.  I think the ability to lock this down should be by individual custom command and not a global setting.

    I really appreciate the feedback on this Tom.  I totally missed that permission during my review to set this up.  I might be able to use this custom command now which would allow our developers to compile their COBOL files on their own without intervention from the PS Admins.  

Children
No Data