MFT permissions to access sensitive configuration information
Any file used to store sensitive configuration information, meaning any file referenced from the IBM MQ configuration tree, must not have system-wide read, write, or (where applicable) delete permissions. These restrictions also apply to truststore and keystore files.
If a Managed File Transfer process detects a condition that a configuration file contains sensitive information, is a keystore or truststore file, and has system-wide read, write, or delete permissions, the process takes one of the following actions:
- Fails to start, if the condition is detected at startup time.
- Generates a warning message and ignores the contents of the configuration file, if the condition is detected at runtime. This is relevant to the protocol bridge and the Connect:Direct® bridge, which reload a configuration if it changes while the process is running.
On systems with a UNIX type file system
The criteria for determining that a file has unacceptable system-wide permissions are:
- The others class has been granted read permission on the file
- The others class has been granted write permission on the file
- The others class has been granted write permission on the directory containing the file
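The three UNIX criteria above can be evaluated directly from the mode bits of the file and of its containing directory. The following Python script is an added example, not IBM's code and not an IBM MQ API; it applies the same three checks to a file path, and its `demo()` function builds a constructed, throwaway keystore-like file (the name `keystore.jks` and its contents are made up) first with the common default mode 0644 and then tightened to 0600, so the difference in the result can be seen.

```python
"""Check an MFT configuration file for the system-wide ("others") permissions
that Managed File Transfer rejects on UNIX-type file systems.
Added example; not IBM's own code and not an IBM MQ API."""
import os
import stat
import tempfile


def unacceptable_reasons(file_mode: int, dir_mode: int) -> list:
    """Apply the three criteria to the st_mode of the file and of the
    directory containing it. Returns the violated criteria; empty means OK."""
    reasons = []
    if file_mode & stat.S_IROTH:
        reasons.append("others have read permission on the file")
    if file_mode & stat.S_IWOTH:
        reasons.append("others have write permission on the file")
    if dir_mode & stat.S_IWOTH:
        reasons.append("others have write permission on the containing directory")
    return reasons


def check_config_file(path: str) -> list:
    """Stat the file and its parent directory, then evaluate the criteria."""
    file_mode = os.stat(path).st_mode
    parent = os.path.dirname(os.path.abspath(path))
    dir_mode = os.stat(parent).st_mode
    return unacceptable_reasons(file_mode, dir_mode)


def demo() -> dict:
    """Constructed demonstration: a fake keystore file in a private (0700)
    temporary directory, checked at mode 0644 and again at mode 0600."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        os.chmod(tmp, 0o700)
        path = os.path.join(tmp, "keystore.jks")  # constructed name, not a real keystore
        with open(path, "wb") as fh:
            fh.write(b"constructed placeholder, not a real keystore")
        os.chmod(path, 0o644)  # world-readable: MFT would refuse this
        results["0644"] = check_config_file(path)
        os.chmod(path, 0o600)  # owner-only: acceptable
        results["0600"] = check_config_file(path)
    return results


if __name__ == "__main__":
    for mode, reasons in demo().items():
        print(mode, "->", reasons or "acceptable")
```

The check looks only at the `others` class, exactly as the criteria state; group permissions are not part of the test, and the Windows criteria in the next section are ACL-based and are not covered by this script.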
On Windows systems
The criteria for determining that a file has unacceptable system-wide permissions are:
- Any of the Everyone, Guests, or Users groups has any of the following permissions:
  - Read data permission on the file
  - Append data permission on the file
  - Write data permission on the file
- Any of the Everyone, Guests, or Users groups has Create files permission on the folder containing the file and also has any of the following permissions:
  - Delete subfolders and files permission on the folder containing the file
  - Delete permission on the file