Patch-ID# 121961-01

NOTE:
***********************************************************************
READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT
FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU
AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE
TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE.
***********************************************************************

Keywords: qsh qrsh qlogin root security vulnerability
Synopsis: N1 Grid Engine 6.0: security patch
Date: Mar/23/2006


Install Requirements: None                      
                      
Solaris Release: 7 8 9 10

SunOS Release: 5.7 5.8 5.9 5.10

Unbundled Product: N1 Grid Engine

Unbundled Release: 6.0

Xref: See patch matrix below

Topic: 

Relevant Architectures: sparc

BugId's fixed with this patch: 6366691

Changes incorporated in this version: 

Patches accumulated and obsoleted by this patch: 

Patches which conflict with this patch: 118083-08

Patches required with this patch: 118083-07 (or greater)

Obsoleted by: 

Files included with this patch: 

<install_dir>/utilbin/sol-sparc64/rsh

Problem Description:

6366691 utilbin/<arch>/rsh can be used to gain root access

Patch Installation Instructions:
--------------------------------
 
tar.gz Patch Installation:
--------------------------
 
   See the patch installation instructions below before installing this
   patch!
 
   Patches in 'tar.gz' format cannot be installed with 'patchadd' on Solaris
   systems. The patch is installed by unpacking the 'tar.gz' file(s) in this
   directory in <install_dir>. <install_dir> is usually your <sge_root>
   directory. The installation of this patch later is not visible with the
   "showrev -p" command on Solaris.
 
   This patch cannot be backed out. You may want to make a backup copy of the
   files  before installing this patch since the files will be overwritten.
 
   Please read "Install Instructions" later in this file and carry out all
   steps before you unpack the 'tar.gz' file(s) included in this patch.
 
   This patch in 'tar.gz' format should not be installed if the original
   package has been installed with 'pkgadd' on Solaris. If the original 
   installation used packages ('pkgadd') utility, install the available 
   patches for N1 Grid Engine 6; refer to the patch matrix below.
 
   The patch is installed by user root by unpacking the file(s) in the
   directory where the original package has been installed:
 
      # cd <install_dir>
      # gzip -dc <patchid>/<targzfile> | tar xvpf -
 
   After installing the patch, you should correct the file permissions if
   your Sun Grid Engine installation is installed as an "admin user" system:
 
      # cd <sge_root>
      # util/setfileperm.sh <sge_root>
 
 
Patch requirements and patch matrix for N1 Grid Engine 6 packages
-----------------------------------------------------------------
 
   This patch fixes only CR6366691 and can be installed for every patch
   level of the binary packages of the N1 Grid Engine 6.0 software up to
   and including N1 Grid Engine 6.0u7.
 
   Later updates of N1 Grid Engine 6.0 will include this fix. To verify if
   your installation is at patch level N1GE 6.0u7 or earlier see the 
   binary patch matrix below.
 
   1. Patches for packages in Sun pkgadd format
   ---------------------------------------------------
 
      Package name*   OS*                    Architecture*    Patch-Id
      -----------------------------------------------------------------
      SUNWsgee        Solaris, Sparc, 32bit  sol-sparc        118094-07
      SUNWsgeex       Solaris, Sparc, 64bit  sol-sparc64      118130-07
      SUNWsgeex       Solaris x86            sol-x86          118131-07  
      SUNWsgeeax      Solaris, x64 (AMD64)   sol-amd64        120438-03
      SUNWsgeec       all                    common           118132-07
      SUNWsgeea       all                    arco             118133-05
      SUNWsgeed       all                    doc              119846-02
 
      *Package Name = see pkginfo(1) 
      *OS           = Operating system
      *Architecture = N1 Grid Engine binary architecture string or
                      "common" = architecture independent packages
                      "arco"   = Accounting and Reporting console
                      "doc"    = PDF documentation
                      "gemm"   = Grid Engine Management Module for Sun
                                 Control Station (SCS) (tar.gz only)
 
 
   2. Patches for packages in tar.gz format
   -----------------------------------------------
 
      OS*                        Architecture     Patch-Id
      -----------------------------------------------------
      Solaris, Sparc, 32bit      sol-sparc        118082-07
      Solaris, Sparc, 64bit      sol-sparc64      118083-07
      Solaris, x86               sol-x86          118084-07
      Solaris, x64 (AMD64)       sol-amd64        120439-03
      Linux kernel2.4/2.6, x86   lx24-x86         118085-07
      Linux kernel2.4/2.6, AMD64 lx24-amd64       118086-07
      IBM AIX 4.3                aix43            118087-07
      IBM AIX 5.1                aix51            118088-07
      Apple MAC OS/X             darwin           118089-07
      HP HP-UX 11                hp11             118090-07
      SGI Irix 6.5               irix65           118091-07
      Microsoft Windows          win32-x86        120434-03
      all                        common           118092-07
      all                        arco             118093-05
      all                        doc              119861-02
      Solaris, Linux             gemm             120435-02

Special Install Instructions:
 

README -- Last modified date:  Thursday, March 23, 2006