MFT permissions to access sensitive configuration information

Any file used to store sensitive configuration information, meaning any file referenced from the IBM MQ configuration tree, must not have system-wide read, write, or, where applicable, delete permissions. "System-wide" here means permissions granted to every user on the system (the others class on UNIX, or the Everyone, Guests, and Users groups on Windows). These restrictions also apply to truststore and keystore files.

If a Managed File Transfer process detects that a configuration file that contains sensitive information, or a keystore or truststore file, has system-wide read, write, or delete permissions, the process takes one of the following actions:

  • Fails to start, if the condition is detected at startup time.
  • Generates a warning message and ignores the contents of the configuration file, if the condition is detected at runtime. This applies to the protocol bridge and the Connect:Direct® bridge, which reload their configuration if it changes while the process is running.


On systems with a UNIX type file system

A file is judged to have unacceptable system-wide permissions if any of the following is true:

  • The others class has been granted read permission on the file
  • The others class has been granted write permission on the file
  • The others class has been granted write permission on the directory containing the file (write permission on the directory lets any user remove or replace the file, whatever the file's own mode bits say)
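PowerShell 7.1 or later on a UNIX-type system exposes the mode string of a file object as its UnixMode property (for example "-rw-r--r--"). The following added example, which is not IBM's code, applies the three criteria with it and includes a demonstration over constructed files in a temporary directory. It reads only the classic mode bits; POSIX ACLs are not inspected.

```powershell
# Added example, not IBM code. Requires PowerShell 7.1+ on a UNIX-type file system,
# where FileSystemInfo objects carry a UnixMode string such as "-rw-r--r--".
# Assumption: only the classic mode bits are checked, not POSIX ACLs.

function Test-MftUnixPermission {
    param([Parameter(Mandatory)][string]$Path)

    $file = Get-Item -LiteralPath $Path
    $dir  = Get-Item -LiteralPath $file.Directory.FullName
    if (-not $file.UnixMode) {
        throw "UnixMode is not available; run under PowerShell 7.1+ on a UNIX-type file system"
    }

    # UnixMode looks like "-rwxrwxrwx"; characters 7-9 are the others class (r, w, x).
    $fileOthers = $file.UnixMode.Substring(7, 3)
    $dirOthers  = $dir.UnixMode.Substring(7, 3)

    $problems = @()
    if ($fileOthers[0] -eq 'r') { $problems += "others class has read permission on $($file.FullName)" }
    if ($fileOthers[1] -eq 'w') { $problems += "others class has write permission on $($file.FullName)" }
    if ($dirOthers[1]  -eq 'w') { $problems += "others class has write permission on directory $($dir.FullName)" }

    [pscustomobject]@{
        Path       = $file.FullName
        Acceptable = ($problems.Count -eq 0)
        Problems   = $problems
    }
}

function Show-MftUnixPermissionDemo {
    # Constructed sample files: an acceptable 0640 file, a world-readable 0644 file,
    # and a locked-down 0600 file that sits inside a world-writable directory.
    $root = Join-Path ([IO.Path]::GetTempPath()) "mftperm-$([guid]::NewGuid())"
    New-Item -ItemType Directory -Path $root, "$root/open" | Out-Null
    foreach ($pair in @(
            @("$root/good.properties", '640'),
            @("$root/world-readable.properties", '644'),
            @("$root/open/key.p12", '600'))) {
        Set-Content -LiteralPath $pair[0] -Value 'constructed sample content'
        chmod $pair[1] $pair[0]
    }
    chmod 777 "$root/open"

    # Expected: good.properties acceptable; the other two fail (file read, directory write).
    Get-ChildItem -LiteralPath $root -Recurse -File |
        ForEach-Object { Test-MftUnixPermission -Path $_.FullName }

    Remove-Item -LiteralPath $root -Recurse -Force
}

Show-MftUnixPermissionDemo
```

To audit a real configuration tree, pipe its files through the function, for example `Get-ChildItem -Recurse -File /var/mqm/mqft | ForEach-Object { Test-MftUnixPermission $_.FullName } | Where-Object { -not $_.Acceptable }` (the /var/mqm/mqft location is an assumed example path; use your own IBM MQ data directory).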


On Windows systems

A file is judged to have unacceptable system-wide permissions if any of the following is true:

  • Any of the Everyone, Guests, or Users groups has any of the following permissions:

    • Read data permission on the file
    • Append data permission on the file
    • Write data permission on the file
  • Any of the Everyone, Guests, or Users groups has Create files permission on the folder containing the file and also has any of the following permissions (together, these let the file be deleted and replaced):

    • Delete subfolders and files permission on the folder containing the file
    • Delete permission on the file
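The following added example, which is not IBM's code, reads the ACL of the file and of its containing folder with Get-Acl and applies the criteria above. It matches the three groups by well-known SID rather than by name, so it also works on localized Windows installations. Two points are assumptions rather than statements from this page: only Allow entries are summed (the page does not say how MFT treats Deny entries), and generic rights bits such as GENERIC_READ are not expanded into their specific rights. The path in the usage line at the end is hypothetical.

```powershell
# Added example, not IBM code. Windows PowerShell 5.1 or PowerShell 7 on Windows.
using namespace System.Security.AccessControl
using namespace System.Security.Principal

# Well-known SIDs of the groups named in the criteria (name-independent).
$Groups = [ordered]@{
    Everyone = 'S-1-1-0'
    Guests   = 'S-1-5-32-546'
    Users    = 'S-1-5-32-545'
}

function Get-AllowedRights {
    # Bitwise OR of every Allow ACE (explicit or inherited) that applies to $Sid.
    # Assumption: Deny ACEs are ignored; generic rights bits are left as-is.
    param([FileSystemSecurity]$Acl, [string]$Sid)
    $mask = 0
    foreach ($ace in $Acl.Access) {
        if ($ace.AccessControlType -ne [AccessControlType]::Allow) { continue }
        # An inherit-only ACE on a folder does not apply to the folder itself.
        if (([int]$ace.PropagationFlags) -band [int][PropagationFlags]::InheritOnly) { continue }
        try {
            $aceSid = $ace.IdentityReference.Translate([SecurityIdentifier]).Value
        } catch { continue }   # orphaned SID that cannot be translated
        if ($aceSid -eq $Sid) { $mask = $mask -bor [int]$ace.FileSystemRights }
    }
    return $mask
}

function Test-MftWindowsPermission {
    param([Parameter(Mandatory)][string]$Path)
    $file      = Get-Item -LiteralPath $Path
    $fileAcl   = Get-Acl -LiteralPath $file.FullName
    $folderAcl = Get-Acl -LiteralPath $file.DirectoryName

    $problems = @()
    foreach ($name in $Groups.Keys) {
        $sid = $Groups[$name]
        $f = Get-AllowedRights -Acl $fileAcl   -Sid $sid
        $d = Get-AllowedRights -Acl $folderAcl -Sid $sid

        # First criterion: data access on the file itself (Full control and Modify include these bits).
        if ($f -band [int][FileSystemRights]::ReadData)   { $problems += "$name has Read data on the file" }
        if ($f -band [int][FileSystemRights]::AppendData) { $problems += "$name has Append data on the file" }
        if ($f -band [int][FileSystemRights]::WriteData)  { $problems += "$name has Write data on the file" }

        # Second criterion: Create files on the folder combined with a way to delete the file.
        if ($d -band [int][FileSystemRights]::CreateFiles) {
            if ($d -band [int][FileSystemRights]::DeleteSubdirectoriesAndFiles) {
                $problems += "$name has Create files and Delete subfolders and files on the folder"
            }
            if ($f -band [int][FileSystemRights]::Delete) {
                $problems += "$name has Create files on the folder and Delete on the file"
            }
        }
    }

    [pscustomobject]@{
        Path       = $file.FullName
        Acceptable = ($problems.Count -eq 0)
        Problems   = $problems
    }
}

# Usage (hypothetical path): report the file and each violated criterion.
Test-MftWindowsPermission -Path 'C:\MQ\mqft\config\QM1\agents\AGENT1\agent.properties' | Format-List
```

Because inherited ACEs appear in the file's own ACL, an ACE granted to Users on a parent folder with "this folder, subfolders and files" inheritance is caught by the file check even though it was never set on the file directly; that is the usual way a default ProgramData ACL ends up giving Users read access to a properties file copied into it.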