Service pulse question

(Kevin Ison) #1

Does servicepulse need to be running? Its being flagged on our security scans. It is using the Local Service account for logon.

The security alert says:

Path : c:\program files (x86)\particular software\servicepulse\
Used by services : Particular.ServicePulse
File write allowed for groups : Everyone
Full control of directory allowed for groups : Everyone

(Sean Farmar) #2

Hi Kevin,

Yes, you need to have ServicePulse running if you want to run ServicePulse dashboard…

Does that answer your question?

(Kevin Ison) #3

It kind of helps, the problem is our network guys are running a Nessus security scan and ServicePulse is coming up in the scan as a problem. We need to know if there is an upgrade or how we can mitigate this from showing up in the security scans.

We do not need to run ServicePulse dashboard though… Is that all this executable is for?

(Sean Feldman) #4

Hi Kevin,

Looks like you’ve raised the same question on StackOverflow which I’ve answered.
I would encourage you to open a support case with to understand your scenario a little more.

Thank you,
Sean Feldman

(Ramon Smits) #5

I’ve already supplied this response on SO:

The scan is complaining about file permissions that are too open. Everyone should not have write permissions in any Program Files folder.

I inspected my installation folder and have the same issue.

The fix is relatively easy:

  1. Select the properties of folder C:\Program Files (x86)\Particular Software\ServicePulse
  2. Select the Security tab
  3. Select Advanced, a new dialog opens
  • Select Enable inheritance
  • Select OK and Yes on any confirmation dialog
  1. Select Advanced again
  • Check Replace all child object permission entries with inheritable permissions entries from this object
  • Select OK and Yes on any confirmation dialog
  1. Select Advanced again for the 3rd time
  • Remove the current entries where Inherited from states None, on my system those were Everyone and System, make sure that you see all other entries inherited from the parent folder and make sure you do not remove any of them.
  • Select OK and Yes on any confirmation dialog

It seems like hard procedure but that is because I’m being very detailed here. Some steps potentially can be combined but doing one change at a time keeps things easy to understand.

Now your file permissions are correctly set and comply to your security audit software.

(Kevin Ison) #6

Very much appreciated. I will make the changes and see how the scan goes. Thanks again for the reply!!