PQ91701: WINDOWS REGISTRY HAS USER/PASSWORD EXPOSED WHEN SECURITY IS ENABLED CAUSING A SECURITY RISK | |||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description On Windows with security enabled a Windows service has theLocal fix Problem summary **************************************************************** * USERS AFFECTED: User that store start and stop arguments * * when creating a Windows service using * * wasservice.exe * **************************************************************** * PROBLEM DESCRIPTION: Start and stop arguments are stored * * as plain text in the Windows registry. * **************************************************************** * RECOMMENDATION: * **************************************************************** Creating a Windows service using the wasservice.exe gives the user the ablitiy to add start and stop arguments to the starting and stopping of the Application Server. These arguments are stored as plain text in the Windows registry.Problem conclusion This fix includes a -encodeParams option that encodes the startArgs and stopArgs registry values so that they are no longer in plain text.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
Publications Referenced
|
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 00W
Software edition:
Reference #: PQ91701
IBM Group: Software Group
Modified date: Oct 14, 2004
(C) Copyright IBM Corporation 2000, 2008. All Rights Reserved.