Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

bv-for-unix problem: ignoring ignoring the command for "path", because of potential risk of remote command execution

Created: 20 Jul 2011 | 2 comments
Robert - Security Research's picture

Hi all,

Does anyone have ever suffered this error "ignoring ignoring the command for %path%, because of potential risk of remote command execution" with bv-for-unix on AIX machines? All I found is a knowledgebase article that describes the problem (http://www.symantec.com/business/support/index?page=content&id=TECH114721&key=53782&actp=LIST), but it only provides a solution for an agent based envirenment. I am using CCS 10.5 in an agentless envirenment. Anyone here who has a hint on that?

best

Robert

Comments 2 CommentsJump to latest comment

cmccoy2's picture

look in the X:\program files (x86)\Symantec\RMS\Control\Unix\ConfigFiles\

There are several files that control what the Agentless Unix product does here.  There is the bvagentlessconfig.ini and other files there that would list out secure files or commands.   Check out this article to give you some direction:

http://www.symantec.com/docs/TECH114243

Hope this helps.

Robert - Security Research's picture

Symantec support could identify the problem. The error message is caused by special characters (like "~", ")", "[", ...) in filenames while iterating through the file system. I have seen hundreds of files with such characters on customers unix server, so making an exception for such a huge amount of filenames is not feasable.

Nevertheless, now that I know the reason for the error, I reviewed all the filenames causing the error. These files aren't from higher interesst as they are no configuration files. It is ok to ignore the error message for these files.